ZooKeeper-trunk-WinVS2008 - Build # 2436 - Still Failing

2017-02-17 Thread Apache Jenkins Server 
See https://builds.apache.org/job/ZooKeeper-trunk-WinVS2008/2436/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 121 lines...]
   [javacc] File "SimpleCharStream.java" does not exist.  Will create one.
   [javacc] Parser generated successfully.

jute:
[javac] Compiling 39 source files to 
f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\build\classes
[javac] warning: [options] bootstrap class path not set in conjunction with 
-source 1.7
[javac] 1 warning

compile_jute_uptodate:

compile_jute:
[mkdir] Created dir: 
f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\java\generated
[mkdir] Created dir: 
f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\c\generated
 [java] ../../zookeeper.jute Parsed Successfully
 [java] ../../zookeeper.jute Parsed Successfully
[touch] Creating 
f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\java\generated\.generated

BUILD SUCCESSFUL
Total time: 6 seconds
[ZooKeeper-trunk-WinVS2008] $ cmd /c call 
C:\Users\jenkins\AppData\Local\Temp\2\hudson8609528441601996167.bat

f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008>set 
ZOOKEEPER_HOME=f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008 

f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008>set 
PATH=F:\\hudson\\tools\\java\\jdk1.8.0_92-unlimited-security/bin;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program
 Files\Microsoft SQL Server\130\Tools\Binn\;F:\Program 
Files\CMake\bin;F:\Program Files (x86)\Subversion\bin;C:\Program 
Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\Windows 
Kits\10\Windows Performance Toolkit\;C:\Program Files 
(x86)\nodejs\;C:\Windows\system32\config\systemprofile\.dnx\bin;C:\Program 
Files\Microsoft DNX\Dnvm\;C:\Program Files (x86)\Microsoft Emulator 
Manager\1.0\;C:\Program Files (x86)\PuTTY\;F:\Program 
Files\Git\cmd;F:\\hudson\\tools\\java\\jdk1.8.0_92-unlimited-security/bin;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program
 Files\Microsoft SQL Server\130\Tools\Binn\;F:\Program 
Files\CMake\bin;F:\Program Files (x86)\Subversion\bin;C:\Program 
Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\Windows 
Kits\10\Windows Performance Toolkit\;C:\Program Files 
(x86)\nodejs\;C:\Windows\system32\config\systemprofile\.dnx\bin;C:\Program 
Files\Microsoft DNX\Dnvm\;C:\Program Files (x86)\Microsoft Emulator 
Manager\1.0\;C:\Program Files 
(x86)\PuTTY\;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program
 Files\Microsoft SQL Server\130\Tools\Binn\;F:\Program 
Files\CMake\bin;F:\Program Files (x86)\Subversion\bin;C:\Program 
Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\Windows 
Kits\10\Windows Performance 
Toolkit\;C:\Prog;C:/Windows/Microsoft.NET/Framework/v4.0.30319/ 

f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008>msbuild 
src/c/zookeeper.sln /p:Configuration=Release 
Microsoft (R) Build Engine version 4.6.1087.0
[Microsoft .NET Framework, version 4.0.30319.42000]
Copyright (C) Microsoft Corporation. All rights reserved.

Building the projects in this solution one at a time. To enable parallel build, 
please add the "/m" switch.
Build started 2/18/2017 5:22:58 AM.
Project 
"f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\c\zookeeper.sln"
 on node 1 (default targets).
ValidateSolutionConfiguration:
  Building solution configuration "Release|Win32".
MSBUILD : error MSB3411: Could not load the Visual C++ component "VCBuild.exe". 
If the component is not installed, either 1) install the Microsoft Windows SDK 
for Windows Server 2008 and .NET Framework 3.5, or 2) install Microsoft Visual 
Studio 2008.  
[f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\c\zookeeper.sln]
MSBUILD : error MSB3411: Could not load the Visual C++ component "VCBuild.exe". 
If the component is not installed, either 1) install the Microsoft Windows SDK 
for Windows Server 2008 and .NET Framework 3.5, or 2) install Microsoft Visual 
Studio 2008.  
[f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\c\zookeeper.sln]
Done Building Project 
"f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\c\zookeeper.sln"
 (default targets) -- FAILED.

Build FAILED.

"f:\jenkins\jenkins-slave\workspace\ZooKeeper-trunk-WinVS2008\src\c\zookeeper.sln"
 (default target) (1) ->
(zookeeper target) -> 
  MSBUILD : error MSB3411: Could not load the Visual C++ component 
"VCBuild.exe". If the component is not installed, either 1) install the 
Microsoft Windows SDK for Windows Server 2008 and .NET

[jira] [Commented] (ZOOKEEPER-2691) recreateSocketAddresses may recreate the unreachable IP address

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872922#comment-15872922
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2691:
---

Github user JiangJiafu commented on the issue:

https://github.com/apache/zookeeper/pull/173
  
@eribeiro Thank you for your review.



> recreateSocketAddresses may recreate the unreachable IP address
> ---
>
> Key: ZOOKEEPER-2691
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2691
> Project: ZooKeeper
>  Issue Type: Bug
>Affects Versions: 3.4.8
> Environment: Centos6.5
> Java8
> ZooKeeper3.4.8
>Reporter: JiangJiafu
>Priority: Minor
>
> The QuorumPeer$QuorumServer.recreateSocketAddress()  is used to resolved the 
> hostname to a new IP address(InetAddress) when any exception happens to the 
> socket. It will be very useful when a hostname can be resolved to more than 
> one IP address.
> But the problem is Java API InetAddress.getByName(String hostname) will 
> always return the first IP address when the hostname can be resolved to more 
> than one IP address, and the first IP address may be unreachable forever. For 
> example, if a machine has two network interfaces: eth0, eth1, say eth0 has 
> ip1, eth1 has ip2, the relationship between hostname and the IP addresses is 
> set in /etc/hosts. When I "close" the eth0 by command "ifdown eth0", the 
> InetAddress.getByName(String hostname)  will still return ip1, which is 
> unreachable forever.
> So I think it will be better to check the IP address by 
> InetAddress.isReachable(long) and choose the reachable IP address. 
> I have modified the ZooKeeper source code, and test the new code in my own 
> environment, and it can work very well when I turn down some network 
> interfaces using "ifdown" command.
> The original code is:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = InetAddress.getByName(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname has never resolved. Create our 
> InetSocketAddress(es) as unresolved
> this.addr = InetSocketAddress.createUnresolved(this.hostname, 
> this.port);
> if (this.electionPort > 0){
> this.electionAddr = 
> InetSocketAddress.createUnresolved(this.hostname,
>
> this.electionPort);
> }
> }
> }
> {code}
> After my modification:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = getReachableAddress(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname has never resolved. Create our 
> InetSocketAddress(es) as unresolved
> this.addr = InetSocketAddress.createUnresolved(this.hostname, 
> this.port);
> if (this.electionPort > 0){
> this.electionAddr = 
> InetSocketAddress.createUnresolved(this.hostname,
>
> this.electionPort);
> }
> }
> }
> public InetAddress getReachableAddress(String hostname) throws 
> UnknownHostException {
>

[GitHub] zookeeper issue #173: ZOOKEEPER-2691: recreateSocketAddresses may recreate t...

2017-02-17 Thread JiangJiafu 
Github user JiangJiafu commented on the issue:

https://github.com/apache/zookeeper/pull/173
  
@eribeiro Thank you for your review.



---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Success: ZOOKEEPER- PreCommit Build #352

2017-02-17 Thread Apache Jenkins Server 
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/352/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 489229 lines...]
 [exec] 
 [exec] +1 @author.  The patch does not contain any @author tags.
 [exec] 
 [exec] +0 tests included.  The patch appears to be a documentation 
patch that doesn't require tests.
 [exec] 
 [exec] +1 javadoc.  The javadoc tool did not generate any warning 
messages.
 [exec] 
 [exec] +1 javac.  The applied patch does not increase the total number 
of javac compiler warnings.
 [exec] 
 [exec] +1 findbugs.  The patch does not introduce any new Findbugs 
(version 3.0.1) warnings.
 [exec] 
 [exec] +1 release audit.  The applied patch does not increase the 
total number of release audit warnings.
 [exec] 
 [exec] +1 core tests.  The patch passed core unit tests.
 [exec] 
 [exec] +1 contrib tests.  The patch passed contrib unit tests.
 [exec] 
 [exec] Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/352//testReport/
 [exec] Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/352//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
 [exec] Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/352//console
 [exec] 
 [exec] This message is automatically generated.
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Adding comment to Jira.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] Comment added.
 [exec] 7d04e22962e815ab20baa70a9d89beef577f7d10 logged out
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Finished build.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] mv: 
'/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess'
 and 
'/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess'
 are the same file

BUILD SUCCESSFUL
Total time: 20 minutes 1 second
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Recording test results
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
[description-setter] Description set: ZOOKEEPER-2700
Putting comment on the pull request
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Email was triggered for: Success
Sending email for trigger: Success
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7



###
## FAILED TESTS (if any) 
##
All tests passed

[GitHub] zookeeper pull request #180: ZOOKEEPER-2700 add `snap` command to take snaps...

2017-02-17 Thread flier 
Github user flier commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101880473
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
+public void run() {
+try {
+zkServer.takeSnapshot();
--- End diff --

I have wrapped the manual requests from `snap` command or JMX with a 
`tryTakeSnapshot` method, which will skip action when there are busy. If you 
believe it is necessary, we could merge the check into `takeSnapshot`, which 
may impact all the server workflow.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872883#comment-15872883
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2700:
---

Github user flier commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101880274
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

@revans2 now, only generate snapshot when idle and last zxid changed.

@hanm I think `snap` should be a command to impact only one instance, no an 
administration task to all instance in cluster.

@eribeiro added a `takeSnapshot` method to JMX


> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #180: ZOOKEEPER-2700 add `snap` command to take snaps...

2017-02-17 Thread flier 
Github user flier commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101880274
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

@revans2 now, only generate snapshot when idle and last zxid changed.

@hanm I think `snap` should be a command to impact only one instance, no an 
administration task to all instance in cluster.

@eribeiro added a `takeSnapshot` method to JMX


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Failed: ZOOKEEPER- PreCommit Build #353

2017-02-17 Thread Apache Jenkins Server 
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/353/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 25 lines...]
  Getting sizes
Done: 10
  Compressing objects
Done: 0
  Writing objects
Done: 11
  remote: Updating references
Merging refs/tags/changes/353
 > git rev-parse refs/tags/changes/353^{commit} # timeout=10
 > git merge 5c1bf6bd452e8237cb0bb9d871f3d0b3d08e0de2 # timeout=10
 > git rev-parse branch-3.4^{commit} # timeout=10
Checking out Revision 0c3cc36743d9d3d3c411a7cc24357dc6791ae431 (branch-3.4)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 0c3cc36743d9d3d3c411a7cc24357dc6791ae431
 > git rev-parse origin/branch-3.4^{commit} # timeout=10
 > git rev-list 373b82bab843cc84c22b99f6511f8fea974fd2b4 # timeout=10
No emails were triggered.
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
[PreCommit-ZOOKEEPER-github-pr-build] $ /bin/bash 
/tmp/hudson3293313781616011963.sh
/home/jenkins/tools/java/latest1.7/bin/java
java version "1.7.0_80"
Java(TM) SE Runtime Environment (build 1.7.0_80-b15)
Java HotSpot(TM) 64-Bit Server VM (build 24.80-b11, mixed mode)
core file size  (blocks, -c) 0
data seg size   (kbytes, -d) unlimited
scheduling priority (-e) 0
file size   (blocks, -f) unlimited
pending signals (-i) 386177
max locked memory   (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files  (-n) 6
pipe size(512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority  (-r) 0
stack size  (kbytes, -s) 8192
cpu time   (seconds, -t) unlimited
max user processes  (-u) 10240
virtual memory  (kbytes, -v) unlimited
file locks  (-x) unlimited
Buildfile: 
/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/build.xml

BUILD FAILED
Target "qa-test-pullrequest" does not exist in the project "ZooKeeper". 

Total time: 0 seconds
Build step 'Execute shell' marked build as failure
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Recording test results
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
ERROR: Step ‘Publish JUnit test result report’ failed: No test report files 
were found. Configuration error?
[description-setter] Could not determine description.
Putting comment on the pull request
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7



###
## FAILED TESTS (if any) 
##
No tests ran.

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread Hadoop QA (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872838#comment-15872838
 ] 

Hadoop QA commented on ZOOKEEPER-2693:
--

-1 overall.  GitHub Pull Request  Build
  

+1 @author.  The patch does not contain any @author tags.

+1 tests included.  The patch appears to include 5 new or modified tests.

+1 javadoc.  The javadoc tool did not generate any warning messages.

+1 javac.  The applied patch does not increase the total number of javac 
compiler warnings.

+1 findbugs.  The patch does not introduce any new Findbugs (version 3.0.1) 
warnings.

+1 release audit.  The applied patch does not increase the total number of 
release audit warnings.

-1 core tests.  The patch failed core unit tests.

+1 contrib tests.  The patch passed contrib unit tests.

Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/351//testReport/
Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/351//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/351//console

This message is automatically generated.

> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Failed: ZOOKEEPER- PreCommit Build #351

2017-02-17 Thread Apache Jenkins Server 
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/351/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 478881 lines...]
 [exec] 
 [exec] +1 javadoc.  The javadoc tool did not generate any warning 
messages.
 [exec] 
 [exec] +1 javac.  The applied patch does not increase the total number 
of javac compiler warnings.
 [exec] 
 [exec] +1 findbugs.  The patch does not introduce any new Findbugs 
(version 3.0.1) warnings.
 [exec] 
 [exec] +1 release audit.  The applied patch does not increase the 
total number of release audit warnings.
 [exec] 
 [exec] -1 core tests.  The patch failed core unit tests.
 [exec] 
 [exec] +1 contrib tests.  The patch passed contrib unit tests.
 [exec] 
 [exec] Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/351//testReport/
 [exec] Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/351//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
 [exec] Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/351//console
 [exec] 
 [exec] This message is automatically generated.
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Adding comment to Jira.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] Comment added.
 [exec] 4a8ef156f5391adc048d483ecb0ee70b54ccf5b9 logged out
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Finished build.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] mv: 
'/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess'
 and 
'/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess'
 are the same file

BUILD FAILED
/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/build.xml:1635:
 exec returned: 1

Total time: 13 minutes 42 seconds
Build step 'Execute shell' marked build as failure
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Compressed 575.59 KB of artifacts by 44.5% relative to #337
Recording test results
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
[description-setter] Description set: ZOOKEEPER-2693
Putting comment on the pull request
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7



###
## FAILED TESTS (if any) 
##
1 tests failed.
FAILED:  
org.apache.zookeeper.server.quorum.ReconfigDuringLeaderSyncTest.testDuringLeaderSync

Error Message:
zoo.cfg.dynamic.next is not deleted.

Stack Trace:
junit.framework.AssertionFailedError: zoo.cfg.dynamic.next is not deleted.
at 
org.apache.zookeeper.server.quorum.ReconfigDuringLeaderSyncTest.testDuringLeaderSync(ReconfigDuringLeaderSyncTest.java:165)
at 
org.apache.zookeeper.JUnit4ZKTestRunner$LoggedInvokeMethod.evaluate(JUnit4ZKTestRunner.java:79)

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872837#comment-15872837
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101877565
  
--- Diff: 
src/java/test/org/apache/zookeeper/test/FourLetterWordsWhiteListTest.java ---
@@ -0,0 +1,151 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.test;
+
+import java.io.IOException;
+
+import org.apache.zookeeper.TestableZooKeeper;
+import org.apache.zookeeper.common.X509Exception.SSLContextException;
+
+import static 
org.apache.zookeeper.client.FourLetterWordMain.send4LetterWord;
+
+import org.apache.zookeeper.server.command.FourLetterCommands;
+import org.junit.Assert;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class FourLetterWordsWhiteListTest extends ClientBase {
--- End diff --

The test should cover all cases @arshadmohammad mentioned except that 
"verify that for non-configured commands connection is close" - I'll probably 
add that test too but for now just want to upload test for feedback. Let me 
know what you think @arshadmohammad .


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread hanm 
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101877565
  
--- Diff: 
src/java/test/org/apache/zookeeper/test/FourLetterWordsWhiteListTest.java ---
@@ -0,0 +1,151 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.test;
+
+import java.io.IOException;
+
+import org.apache.zookeeper.TestableZooKeeper;
+import org.apache.zookeeper.common.X509Exception.SSLContextException;
+
+import static 
org.apache.zookeeper.client.FourLetterWordMain.send4LetterWord;
+
+import org.apache.zookeeper.server.command.FourLetterCommands;
+import org.junit.Assert;
+import org.junit.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class FourLetterWordsWhiteListTest extends ClientBase {
--- End diff --

The test should cover all cases @arshadmohammad mentioned except that 
"verify that for non-configured commands connection is close" - I'll probably 
add that test too but for now just want to upload test for feedback. Let me 
know what you think @arshadmohammad .


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872834#comment-15872834
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101877413
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,11 +159,69 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+private static final Logger LOG = 
LoggerFactory.getLogger(FourLetterCommands.class);
+
+private static final Map cmd2String = new 
HashMap();
+
+private static final Set whiteListedCommands = new 
HashSet();
+
+private static boolean whiteListInitialized = false;
+
+// @VisibleForTesting
+public static void resetWhiteList() {
+whiteListInitialized = false;
+whiteListedCommands.clear();
+}
+
+/**
+ * Return the string representation of the specified command code.
+ */
+public static String getCommandString(int command) {
+return cmd2String.get(command);
+}
+
+/**
+ * Check if the specified command code is from a known command.
+ *
+ * @param command The integer code of command.
+ * @return true if the specified command is known, false otherwise.
+ */
+public static boolean isKnown(int command) {
+return cmd2String.containsKey(command);
+}
 
-public static Map getCmdMapView() {
--- End diff --

While I am on this, this legacy method can be optimized as a boolean query 
instead of returning a collection, so did the change for this as well (in 
addition to the white list collection.).


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread hanm 
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101877413
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,11 +159,69 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+private static final Logger LOG = 
LoggerFactory.getLogger(FourLetterCommands.class);
+
+private static final Map cmd2String = new 
HashMap();
+
+private static final Set whiteListedCommands = new 
HashSet();
+
+private static boolean whiteListInitialized = false;
+
+// @VisibleForTesting
+public static void resetWhiteList() {
+whiteListInitialized = false;
+whiteListedCommands.clear();
+}
+
+/**
+ * Return the string representation of the specified command code.
+ */
+public static String getCommandString(int command) {
+return cmd2String.get(command);
+}
+
+/**
+ * Check if the specified command code is from a known command.
+ *
+ * @param command The integer code of command.
+ * @return true if the specified command is known, false otherwise.
+ */
+public static boolean isKnown(int command) {
+return cmd2String.containsKey(command);
+}
 
-public static Map getCmdMapView() {
--- End diff --

While I am on this, this legacy method can be optimized as a boolean query 
instead of returning a collection, so did the change for this as well (in 
addition to the white list collection.).


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread hanm 
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101877350
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,11 +159,69 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+private static final Logger LOG = 
LoggerFactory.getLogger(FourLetterCommands.class);
+
+private static final Map cmd2String = new 
HashMap();
+
+private static final Set whiteListedCommands = new 
HashSet();
+
+private static boolean whiteListInitialized = false;
--- End diff --

Introduce this instead of relying on whiteListedCommands.empty to deal with 
the case where the list is empty and initialized. 


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872833#comment-15872833
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101877350
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,11 +159,69 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+private static final Logger LOG = 
LoggerFactory.getLogger(FourLetterCommands.class);
+
+private static final Map cmd2String = new 
HashMap();
+
+private static final Set whiteListedCommands = new 
HashSet();
+
+private static boolean whiteListInitialized = false;
--- End diff --

Introduce this instead of relying on whiteListedCommands.empty to deal with 
the case where the list is empty and initialized. 


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872828#comment-15872828
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on the issue:

https://github.com/apache/zookeeper/pull/179
  
Patch updated to address review comments from @arshadmohammad.


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper issue #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four letter wo...

2017-02-17 Thread hanm 
Github user hanm commented on the issue:

https://github.com/apache/zookeeper/pull/179
  
Patch updated to address review comments from @arshadmohammad.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

ZooKeeper_branch34 - Build # 1841 - Still Failing

2017-02-17 Thread Apache Jenkins Server 
See https://builds.apache.org/job/ZooKeeper_branch34/1841/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 58 lines...]
  collisions:0 txqueuelen:0 
  RX bytes:2378130641900 (2.3 TB)  TX bytes:2378130641900 (2.3 TB)

core file size  (blocks, -c) 0
data seg size   (kbytes, -d) unlimited
scheduling priority (-e) 0
file size   (blocks, -f) unlimited
pending signals (-i) 386177
max locked memory   (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files  (-n) 6
pipe size(512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority  (-r) 0
stack size  (kbytes, -s) 8192
cpu time   (seconds, -t) unlimited
max user processes  (-u) 10240
virtual memory  (kbytes, -v) unlimited
file locks  (-x) unlimited
6
/home/jenkins/tools/ant/latest/bin/ant clean
Exception in thread "main" java.lang.UnsupportedClassVersionError: 
org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:800)
at 
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482)
Exception in thread "main" java.lang.UnsupportedClassVersionError: 
org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:800)
at 
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482)
mv: cannot stat ‘build/*.tar.gz’: No such file or directory
mv: cannot stat ‘build/*.jar’: No such file or directory
mv: cannot stat ‘build/test/findbugs’: No such file or directory
mv: cannot stat ‘build/docs/api’: No such file or directory
Build Failed
Build step 'Execute shell' marked build as failure
Recording test results
ERROR: Step ‘Publish JUnit test result report’ failed: No test report files 
were found. Configuration error?
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any



###
## FAILED TESTS (if any) 
##
No tests ran.

ZooKeeper-trunk - Build # 3285 - Still Failing

2017-02-17 Thread Apache Jenkins Server 
See https://builds.apache.org/job/ZooKeeper-trunk/3285/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 79 lines...]
POSIX message queues (bytes, -q) 819200
real-time priority  (-r) 0
stack size  (kbytes, -s) 8192
cpu time   (seconds, -t) unlimited
max user processes  (-u) 10240
virtual memory  (kbytes, -v) unlimited
file locks  (-x) unlimited
6
/home/jenkins/tools/ant/latest/bin/ant clean
Exception in thread "main" java.lang.UnsupportedClassVersionError: 
org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:800)
at 
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482)
Exception in thread "main" java.lang.UnsupportedClassVersionError: 
org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:800)
at 
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:449)
at java.net.URLClassLoader.access$100(URLClassLoader.java:71)
at java.net.URLClassLoader$1.run(URLClassLoader.java:361)
at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482)
mv: cannot stat 'build/*.tar.gz': No such file or directory
mv: cannot stat 'build/*.jar': No such file or directory
mv: cannot stat 'build/test/findbugs': No such file or directory
mv: cannot stat 'build/docs/api': No such file or directory
Build Failed
Build step 'Execute shell' marked build as failure
[FINDBUGS] Skipping publisher since build result is FAILURE
[WARNINGS] Skipping publisher since build result is FAILURE
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Recording fingerprints
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Recording test results
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
ERROR: Step ?Publish JUnit test result report? failed: No test report files 
were found. Configuration error?
Publishing Javadoc
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7



###
## FAILED TESTS (if any) 
##
No tests ran.

ZooKeeper_branch34_jdk8 - Build # 889 - Still Failing

2017-02-17 Thread Apache Jenkins Server 
See https://builds.apache.org/job/ZooKeeper_branch34_jdk8/889/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 240379 lines...]
[junit] 2017-02-17 22:57:57,931 [myid:] - INFO  
[main:SessionTrackerImpl@225] - Shutting down
[junit] 2017-02-17 22:57:57,931 [myid:] - INFO  
[main:PrepRequestProcessor@764] - Shutting down
[junit] 2017-02-17 22:57:57,931 [myid:] - INFO  
[main:SyncRequestProcessor@208] - Shutting down
[junit] 2017-02-17 22:57:57,931 [myid:] - INFO  [ProcessThread(sid:0 
cport:11221)::PrepRequestProcessor@143] - PrepRequestProcessor exited loop!
[junit] 2017-02-17 22:57:57,931 [myid:] - INFO  
[SyncThread:0:SyncRequestProcessor@186] - SyncRequestProcessor exited!
[junit] 2017-02-17 22:57:57,931 [myid:] - INFO  
[main:FinalRequestProcessor@402] - shutdown of request processor complete
[junit] 2017-02-17 22:57:57,932 [myid:] - INFO  
[main:FourLetterWordMain@62] - connecting to 127.0.0.1 11221
[junit] 2017-02-17 22:57:57,932 [myid:] - INFO  [main:JMXEnv@147] - 
ensureOnly:[]
[junit] 2017-02-17 22:57:57,934 [myid:] - INFO  [main:ClientBase@445] - 
STARTING server
[junit] 2017-02-17 22:57:57,934 [myid:] - INFO  [main:ClientBase@366] - 
CREATING server instance 127.0.0.1:11221
[junit] 2017-02-17 22:57:57,934 [myid:] - INFO  
[main:NIOServerCnxnFactory@89] - binding to port 0.0.0.0/0.0.0.0:11221
[junit] 2017-02-17 22:57:57,934 [myid:] - INFO  [main:ClientBase@341] - 
STARTING server instance 127.0.0.1:11221
[junit] 2017-02-17 22:57:57,935 [myid:] - INFO  [main:ZooKeeperServer@173] 
- Created server with tickTime 3000 minSessionTimeout 6000 maxSessionTimeout 
6 datadir 
/home/jenkins/jenkins-slave/workspace/ZooKeeper_branch34_jdk8/build/test/tmp/test2003572348454122803.junit.dir/version-2
 snapdir 
/home/jenkins/jenkins-slave/workspace/ZooKeeper_branch34_jdk8/build/test/tmp/test2003572348454122803.junit.dir/version-2
[junit] 2017-02-17 22:57:57,937 [myid:] - ERROR [main:ZooKeeperServer@472] 
- ZKShutdownHandler is not registered, so ZooKeeper server won't take any 
action on ERROR or SHUTDOWN server state changes
[junit] 2017-02-17 22:57:57,937 [myid:] - INFO  
[main:FourLetterWordMain@62] - connecting to 127.0.0.1 11221
[junit] 2017-02-17 22:57:57,938 [myid:] - INFO  
[NIOServerCxn.Factory:0.0.0.0/0.0.0.0:11221:NIOServerCnxnFactory@192] - 
Accepted socket connection from /127.0.0.1:55924
[junit] 2017-02-17 22:57:57,938 [myid:] - INFO  
[NIOServerCxn.Factory:0.0.0.0/0.0.0.0:11221:NIOServerCnxn@838] - Processing 
stat command from /127.0.0.1:55924
[junit] 2017-02-17 22:57:57,939 [myid:] - INFO  
[Thread-4:NIOServerCnxn$StatCommand@674] - Stat command output
[junit] 2017-02-17 22:57:57,939 [myid:] - INFO  
[Thread-4:NIOServerCnxn@1019] - Closed socket connection for client 
/127.0.0.1:55924 (no session established for client)
[junit] 2017-02-17 22:57:57,939 [myid:] - INFO  [main:JMXEnv@230] - 
ensureParent:[InMemoryDataTree, StandaloneServer_port]
[junit] 2017-02-17 22:57:57,941 [myid:] - INFO  [main:JMXEnv@247] - 
expect:InMemoryDataTree
[junit] 2017-02-17 22:57:57,941 [myid:] - INFO  [main:JMXEnv@251] - 
found:InMemoryDataTree 
org.apache.ZooKeeperService:name0=StandaloneServer_port11221,name1=InMemoryDataTree
[junit] 2017-02-17 22:57:57,941 [myid:] - INFO  [main:JMXEnv@247] - 
expect:StandaloneServer_port
[junit] 2017-02-17 22:57:57,941 [myid:] - INFO  [main:JMXEnv@251] - 
found:StandaloneServer_port 
org.apache.ZooKeeperService:name0=StandaloneServer_port11221
[junit] 2017-02-17 22:57:57,942 [myid:] - INFO  
[main:JUnit4ZKTestRunner$LoggedInvokeMethod@58] - Memory used 35517
[junit] 2017-02-17 22:57:57,942 [myid:] - INFO  
[main:JUnit4ZKTestRunner$LoggedInvokeMethod@63] - Number of threads 20
[junit] 2017-02-17 22:57:57,942 [myid:] - INFO  
[main:JUnit4ZKTestRunner$LoggedInvokeMethod@78] - FINISHED TEST METHOD testQuota
[junit] 2017-02-17 22:57:57,942 [myid:] - INFO  [main:ClientBase@522] - 
tearDown starting
[junit] 2017-02-17 22:57:58,017 [myid:] - INFO  [main:ZooKeeper@684] - 
Session: 0x15a4e4bd816 closed
[junit] 2017-02-17 22:57:58,017 [myid:] - INFO  
[main-EventThread:ClientCnxn$EventThread@519] - EventThread shut down for 
session: 0x15a4e4bd816
[junit] 2017-02-17 22:57:58,018 [myid:] - INFO  [main:ClientBase@492] - 
STOPPING server
[junit] 2017-02-17 22:57:58,018 [myid:] - INFO  
[NIOServerCxn.Factory:0.0.0.0/0.0.0.0:11221:NIOServerCnxnFactory@219] - 
NIOServerCnxn factory exited run method
[junit] 2017-02-17 22:57:58,019 [myid:] - INFO  [main:ZooKeeperServer@505] 
- shutting down
[junit] 2017-02-17 22:57:58,019 [myid:] - ERROR [main:ZooKeeperServer@472] 
- ZKShutdownHandler is not registered, so ZooKeeper server won't take any 
action on ERROR or SHUTDOWN server state changes
[junit] 2017-02-17 22:57:58,019

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872671#comment-15872671
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2700:
---

Github user afine commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101861654
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
+public void run() {
+try {
+zkServer.takeSnapshot();
--- End diff --

I agree. It may be nice to have some check that generally make sure 
multiple snapshots cannot happen at the same time, as a sanity check.


> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #180: ZOOKEEPER-2700 add `snap` command to take snaps...

2017-02-17 Thread afine 
Github user afine commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101861654
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
+public void run() {
+try {
+zkServer.takeSnapshot();
--- End diff --

I agree. It may be nice to have some check that generally make sure 
multiple snapshots cannot happen at the same time, as a sanity check.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2691) recreateSocketAddresses may recreate the unreachable IP address

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872522#comment-15872522
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2691:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/173#discussion_r101843611
  
--- Diff: src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 
---
@@ -194,6 +237,12 @@ public void recreateSocketAddresses() {
 public long id;
 
 public LearnerType type = LearnerType.PARTICIPANT;
+
+/**
+ * the time, in millseconds, before {@link 
InetAddress#isReachable} aborts
--- End diff --

typo: miliseconds.


> recreateSocketAddresses may recreate the unreachable IP address
> ---
>
> Key: ZOOKEEPER-2691
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2691
> Project: ZooKeeper
>  Issue Type: Bug
>Affects Versions: 3.4.8
> Environment: Centos6.5
> Java8
> ZooKeeper3.4.8
>Reporter: JiangJiafu
>Priority: Minor
>
> The QuorumPeer$QuorumServer.recreateSocketAddress()  is used to resolved the 
> hostname to a new IP address(InetAddress) when any exception happens to the 
> socket. It will be very useful when a hostname can be resolved to more than 
> one IP address.
> But the problem is Java API InetAddress.getByName(String hostname) will 
> always return the first IP address when the hostname can be resolved to more 
> than one IP address, and the first IP address may be unreachable forever. For 
> example, if a machine has two network interfaces: eth0, eth1, say eth0 has 
> ip1, eth1 has ip2, the relationship between hostname and the IP addresses is 
> set in /etc/hosts. When I "close" the eth0 by command "ifdown eth0", the 
> InetAddress.getByName(String hostname)  will still return ip1, which is 
> unreachable forever.
> So I think it will be better to check the IP address by 
> InetAddress.isReachable(long) and choose the reachable IP address. 
> I have modified the ZooKeeper source code, and test the new code in my own 
> environment, and it can work very well when I turn down some network 
> interfaces using "ifdown" command.
> The original code is:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = InetAddress.getByName(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname has never resolved. Create our 
> InetSocketAddress(es) as unresolved
> this.addr = InetSocketAddress.createUnresolved(this.hostname, 
> this.port);
> if (this.electionPort > 0){
> this.electionAddr = 
> InetSocketAddress.createUnresolved(this.hostname,
>
> this.electionPort);
> }
> }
> }
> {code}
> After my modification:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = getReachableAddress(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname has never resolved. Create our 
> InetSocketAddress(es) as unresolved
> this.addr = InetSocketAddress.createUnresolved(this.hostname, 
> this.port);
>

[jira] [Commented] (ZOOKEEPER-2691) recreateSocketAddresses may recreate the unreachable IP address

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872519#comment-15872519
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2691:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/173#discussion_r101843864
  
--- Diff: src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 
---
@@ -113,13 +113,21 @@ private QuorumServer(long id, InetSocketAddress addr,
 this.id = id;
 this.addr = addr;
 this.electionAddr = electionAddr;
+String checkIPReachableValue = 
System.getProperty("zookeeper.checkIPTimeout");
+if(checkIPReachableValue != null){
--- End diff --

nit: space between if and (


> recreateSocketAddresses may recreate the unreachable IP address
> ---
>
> Key: ZOOKEEPER-2691
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2691
> Project: ZooKeeper
>  Issue Type: Bug
>Affects Versions: 3.4.8
> Environment: Centos6.5
> Java8
> ZooKeeper3.4.8
>Reporter: JiangJiafu
>Priority: Minor
>
> The QuorumPeer$QuorumServer.recreateSocketAddress()  is used to resolved the 
> hostname to a new IP address(InetAddress) when any exception happens to the 
> socket. It will be very useful when a hostname can be resolved to more than 
> one IP address.
> But the problem is Java API InetAddress.getByName(String hostname) will 
> always return the first IP address when the hostname can be resolved to more 
> than one IP address, and the first IP address may be unreachable forever. For 
> example, if a machine has two network interfaces: eth0, eth1, say eth0 has 
> ip1, eth1 has ip2, the relationship between hostname and the IP addresses is 
> set in /etc/hosts. When I "close" the eth0 by command "ifdown eth0", the 
> InetAddress.getByName(String hostname)  will still return ip1, which is 
> unreachable forever.
> So I think it will be better to check the IP address by 
> InetAddress.isReachable(long) and choose the reachable IP address. 
> I have modified the ZooKeeper source code, and test the new code in my own 
> environment, and it can work very well when I turn down some network 
> interfaces using "ifdown" command.
> The original code is:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = InetAddress.getByName(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname has never resolved. Create our 
> InetSocketAddress(es) as unresolved
> this.addr = InetSocketAddress.createUnresolved(this.hostname, 
> this.port);
> if (this.electionPort > 0){
> this.electionAddr = 
> InetSocketAddress.createUnresolved(this.hostname,
>
> this.electionPort);
> }
> }
> }
> {code}
> After my modification:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = getReachableAddress(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname has never resolved. Create our 
> InetSocketAddress(es) as unresolved
> this.addr

[jira] [Commented] (ZOOKEEPER-2691) recreateSocketAddresses may recreate the unreachable IP address

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872520#comment-15872520
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2691:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/173#discussion_r101843810
  
--- Diff: src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 
---
@@ -128,24 +136,32 @@ private QuorumServer(long id, InetSocketAddress addr,
 this.addr = addr;
 this.electionAddr = electionAddr;
 this.type = type;
+String checkIPReachableValue = 
System.getProperty("zookeeper.checkIPTimeout");
+if(checkIPReachableValue != null){
--- End diff --

nit: space between if and (


> recreateSocketAddresses may recreate the unreachable IP address
> ---
>
> Key: ZOOKEEPER-2691
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2691
> Project: ZooKeeper
>  Issue Type: Bug
>Affects Versions: 3.4.8
> Environment: Centos6.5
> Java8
> ZooKeeper3.4.8
>Reporter: JiangJiafu
>Priority: Minor
>
> The QuorumPeer$QuorumServer.recreateSocketAddress()  is used to resolved the 
> hostname to a new IP address(InetAddress) when any exception happens to the 
> socket. It will be very useful when a hostname can be resolved to more than 
> one IP address.
> But the problem is Java API InetAddress.getByName(String hostname) will 
> always return the first IP address when the hostname can be resolved to more 
> than one IP address, and the first IP address may be unreachable forever. For 
> example, if a machine has two network interfaces: eth0, eth1, say eth0 has 
> ip1, eth1 has ip2, the relationship between hostname and the IP addresses is 
> set in /etc/hosts. When I "close" the eth0 by command "ifdown eth0", the 
> InetAddress.getByName(String hostname)  will still return ip1, which is 
> unreachable forever.
> So I think it will be better to check the IP address by 
> InetAddress.isReachable(long) and choose the reachable IP address. 
> I have modified the ZooKeeper source code, and test the new code in my own 
> environment, and it can work very well when I turn down some network 
> interfaces using "ifdown" command.
> The original code is:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = InetAddress.getByName(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname has never resolved. Create our 
> InetSocketAddress(es) as unresolved
> this.addr = InetSocketAddress.createUnresolved(this.hostname, 
> this.port);
> if (this.electionPort > 0){
> this.electionAddr = 
> InetSocketAddress.createUnresolved(this.hostname,
>
> this.electionPort);
> }
> }
> }
> {code}
> After my modification:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = getReachableAddress(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname has never resolved. Create our 
> InetSocketAddress(es) as unresolved
>

[jira] [Commented] (ZOOKEEPER-2691) recreateSocketAddresses may recreate the unreachable IP address

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872521#comment-15872521
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2691:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/173#discussion_r101845264
  
--- Diff: src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 
---
@@ -181,6 +197,33 @@ public void recreateSocketAddresses() {
 }
 }
 
+/**
+ * Resolve the hostname to IP addresses, and find one reachable 
address.
+ *
+ * @param hostname the name of the host
+ * @param timeout the time, in millseconds, before {@link 
InetAddress#isReachable}
+ *aborts
+ * @return a reachable IP address. If no such IP address can be 
found,
+ * just return the first IP address of the hostname.
+ *
+ * @exception UnknownHostException
+ */
+public InetAddress getReachableAddress(String hostname, int 
timeout) 
+throws UnknownHostException {
+InetAddress[] addresses = InetAddress.getAllByName(hostname);
+for (InetAddress a : addresses) {
+try {
+if (a.isReachable(timeout)) {
--- End diff --

My main problem with this PR is that call to `isReachable(timeout)` for two 
reasons: 

1) the most important one: `isReachable(timeout)` seems unreliable so there 
are plenty cases where it returns false even tough the node is reachable or 
vice-versa! https://bugs.openjdk.java.net/browse/JDK-8159410 (google 
"InetAddress.isReachable not working" or "InetAddress.isReachable unreliable" 
to see further cases).

2) This timeout can add an arbitrary delay until a reachable node can be 
tested.

IDK what a good compromise would be for both points above (leaving as it is 
today could work, so no problem, even tough I am a bit concerned), but maybe we 
could use a solution similar to ZOOKEEPER-2184 and return the next address in 
the array (using `next = ++next % addresses.length` to prevent out of bound 
exceptions).




> recreateSocketAddresses may recreate the unreachable IP address
> ---
>
> Key: ZOOKEEPER-2691
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2691
> Project: ZooKeeper
>  Issue Type: Bug
>Affects Versions: 3.4.8
> Environment: Centos6.5
> Java8
> ZooKeeper3.4.8
>Reporter: JiangJiafu
>Priority: Minor
>
> The QuorumPeer$QuorumServer.recreateSocketAddress()  is used to resolved the 
> hostname to a new IP address(InetAddress) when any exception happens to the 
> socket. It will be very useful when a hostname can be resolved to more than 
> one IP address.
> But the problem is Java API InetAddress.getByName(String hostname) will 
> always return the first IP address when the hostname can be resolved to more 
> than one IP address, and the first IP address may be unreachable forever. For 
> example, if a machine has two network interfaces: eth0, eth1, say eth0 has 
> ip1, eth1 has ip2, the relationship between hostname and the IP addresses is 
> set in /etc/hosts. When I "close" the eth0 by command "ifdown eth0", the 
> InetAddress.getByName(String hostname)  will still return ip1, which is 
> unreachable forever.
> So I think it will be better to check the IP address by 
> InetAddress.isReachable(long) and choose the reachable IP address. 
> I have modified the ZooKeeper source code, and test the new code in my own 
> environment, and it can work very well when I turn down some network 
> interfaces using "ifdown" command.
> The original code is:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = InetAddress.getByName(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname has never resolved. Create our 
> InetSocketAddress(es) as

[jira] [Commented] (ZOOKEEPER-2691) recreateSocketAddresses may recreate the unreachable IP address

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872523#comment-15872523
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2691:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/173#discussion_r101843694
  
--- Diff: src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 
---
@@ -128,24 +136,32 @@ private QuorumServer(long id, InetSocketAddress addr,
 this.addr = addr;
 this.electionAddr = electionAddr;
 this.type = type;
+String checkIPReachableValue = 
System.getProperty("zookeeper.checkIPTimeout");
+if(checkIPReachableValue != null){
+this.checkIPReachableTO = 
Integer.parseInt(checkIPReachableValue);
+}
 }
 
 public QuorumServer(long id, String hostname,
 Integer port, Integer electionPort,
 LearnerType type) {
-   this.id = id;
-   this.hostname=hostname;
-   if (port!=null){
+   this.id = id;
+   this.hostname=hostname;
+   if (port!=null){
 this.port=port;
-   }
-   if (electionPort!=null){
+   }
+   if (electionPort!=null){
 this.electionPort=electionPort;
-   }
-   if (type!=null){
+   }
+   if (type!=null){
 this.type = type;
-   }
-   this.recreateSocketAddresses();
}
+String checkIPReachableValue = 
System.getProperty("zookeeper.checkIPTimeout");
+if(checkIPReachableValue != null){
--- End diff --

nit: space between `if` and `(`


> recreateSocketAddresses may recreate the unreachable IP address
> ---
>
> Key: ZOOKEEPER-2691
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2691
> Project: ZooKeeper
>  Issue Type: Bug
>Affects Versions: 3.4.8
> Environment: Centos6.5
> Java8
> ZooKeeper3.4.8
>Reporter: JiangJiafu
>Priority: Minor
>
> The QuorumPeer$QuorumServer.recreateSocketAddress()  is used to resolved the 
> hostname to a new IP address(InetAddress) when any exception happens to the 
> socket. It will be very useful when a hostname can be resolved to more than 
> one IP address.
> But the problem is Java API InetAddress.getByName(String hostname) will 
> always return the first IP address when the hostname can be resolved to more 
> than one IP address, and the first IP address may be unreachable forever. For 
> example, if a machine has two network interfaces: eth0, eth1, say eth0 has 
> ip1, eth1 has ip2, the relationship between hostname and the IP addresses is 
> set in /etc/hosts. When I "close" the eth0 by command "ifdown eth0", the 
> InetAddress.getByName(String hostname)  will still return ip1, which is 
> unreachable forever.
> So I think it will be better to check the IP address by 
> InetAddress.isReachable(long) and choose the reachable IP address. 
> I have modified the ZooKeeper source code, and test the new code in my own 
> environment, and it can work very well when I turn down some network 
> interfaces using "ifdown" command.
> The original code is:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = InetAddress.getByName(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname has never resolved. Create our 
> InetSocketAddress(es) as unresolved
> this.addr = InetSocketAddress.createUnresolved(this.hostname, 
> this.port);
> if (this.electionPort > 0){
> this.electionAddr = 
> InetSocketAddress.createUnresolved(this.hostname,
>
> this.electionPort);
> }
> }
> }

[jira] [Commented] (ZOOKEEPER-2691) recreateSocketAddresses may recreate the unreachable IP address

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872518#comment-15872518
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2691:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/173#discussion_r101843855
  
--- Diff: src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 
---
@@ -113,13 +113,21 @@ private QuorumServer(long id, InetSocketAddress addr,
 this.id = id;
 this.addr = addr;
 this.electionAddr = electionAddr;
+String checkIPReachableValue = 
System.getProperty("zookeeper.checkIPTimeout");
+if(checkIPReachableValue != null){
+this.checkIPReachableTO = 
Integer.parseInt(checkIPReachableValue);
+}
 }
 
 // VisibleForTesting
 public QuorumServer(long id, InetSocketAddress addr) {
 this.id = id;
 this.addr = addr;
 this.electionAddr = null;
+String checkIPReachableValue = 
System.getProperty("zookeeper.checkIPTimeout");
+if(checkIPReachableValue != null){
--- End diff --

nit: space between if and (


> recreateSocketAddresses may recreate the unreachable IP address
> ---
>
> Key: ZOOKEEPER-2691
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2691
> Project: ZooKeeper
>  Issue Type: Bug
>Affects Versions: 3.4.8
> Environment: Centos6.5
> Java8
> ZooKeeper3.4.8
>Reporter: JiangJiafu
>Priority: Minor
>
> The QuorumPeer$QuorumServer.recreateSocketAddress()  is used to resolved the 
> hostname to a new IP address(InetAddress) when any exception happens to the 
> socket. It will be very useful when a hostname can be resolved to more than 
> one IP address.
> But the problem is Java API InetAddress.getByName(String hostname) will 
> always return the first IP address when the hostname can be resolved to more 
> than one IP address, and the first IP address may be unreachable forever. For 
> example, if a machine has two network interfaces: eth0, eth1, say eth0 has 
> ip1, eth1 has ip2, the relationship between hostname and the IP addresses is 
> set in /etc/hosts. When I "close" the eth0 by command "ifdown eth0", the 
> InetAddress.getByName(String hostname)  will still return ip1, which is 
> unreachable forever.
> So I think it will be better to check the IP address by 
> InetAddress.isReachable(long) and choose the reachable IP address. 
> I have modified the ZooKeeper source code, and test the new code in my own 
> environment, and it can work very well when I turn down some network 
> interfaces using "ifdown" command.
> The original code is:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = InetAddress.getByName(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname has never resolved. Create our 
> InetSocketAddress(es) as unresolved
> this.addr = InetSocketAddress.createUnresolved(this.hostname, 
> this.port);
> if (this.electionPort > 0){
> this.electionAddr = 
> InetSocketAddress.createUnresolved(this.hostname,
>
> this.electionPort);
> }
> }
> }
> {code}
> After my modification:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = getReachableAddress(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
>

[jira] [Commented] (ZOOKEEPER-2691) recreateSocketAddresses may recreate the unreachable IP address

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872517#comment-15872517
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2691:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/173#discussion_r101846854
  
--- Diff: src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 
---
@@ -113,13 +113,21 @@ private QuorumServer(long id, InetSocketAddress addr,
 this.id = id;
 this.addr = addr;
 this.electionAddr = electionAddr;
+String checkIPReachableValue = 
System.getProperty("zookeeper.checkIPTimeout");
--- End diff --

I think we can improve this naming game just a little bit. Why not call 
this variable `ipTimeout`? And `checkIPReachableTO` as `ipReachableTimeout` or 
`reachableIPTimeout`? 


> recreateSocketAddresses may recreate the unreachable IP address
> ---
>
> Key: ZOOKEEPER-2691
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2691
> Project: ZooKeeper
>  Issue Type: Bug
>Affects Versions: 3.4.8
> Environment: Centos6.5
> Java8
> ZooKeeper3.4.8
>Reporter: JiangJiafu
>Priority: Minor
>
> The QuorumPeer$QuorumServer.recreateSocketAddress()  is used to resolved the 
> hostname to a new IP address(InetAddress) when any exception happens to the 
> socket. It will be very useful when a hostname can be resolved to more than 
> one IP address.
> But the problem is Java API InetAddress.getByName(String hostname) will 
> always return the first IP address when the hostname can be resolved to more 
> than one IP address, and the first IP address may be unreachable forever. For 
> example, if a machine has two network interfaces: eth0, eth1, say eth0 has 
> ip1, eth1 has ip2, the relationship between hostname and the IP addresses is 
> set in /etc/hosts. When I "close" the eth0 by command "ifdown eth0", the 
> InetAddress.getByName(String hostname)  will still return ip1, which is 
> unreachable forever.
> So I think it will be better to check the IP address by 
> InetAddress.isReachable(long) and choose the reachable IP address. 
> I have modified the ZooKeeper source code, and test the new code in my own 
> environment, and it can work very well when I turn down some network 
> interfaces using "ifdown" command.
> The original code is:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = InetAddress.getByName(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname has never resolved. Create our 
> InetSocketAddress(es) as unresolved
> this.addr = InetSocketAddress.createUnresolved(this.hostname, 
> this.port);
> if (this.electionPort > 0){
> this.electionAddr = 
> InetSocketAddress.createUnresolved(this.hostname,
>
> this.electionPort);
> }
> }
> }
> {code}
> After my modification:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = getReachableAddress(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname

[GitHub] zookeeper pull request #173: ZOOKEEPER-2691: recreateSocketAddresses may rec...

2017-02-17 Thread eribeiro 
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/173#discussion_r101846854
  
--- Diff: src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 
---
@@ -113,13 +113,21 @@ private QuorumServer(long id, InetSocketAddress addr,
 this.id = id;
 this.addr = addr;
 this.electionAddr = electionAddr;
+String checkIPReachableValue = 
System.getProperty("zookeeper.checkIPTimeout");
--- End diff --

I think we can improve this naming game just a little bit. Why not call 
this variable `ipTimeout`? And `checkIPReachableTO` as `ipReachableTimeout` or 
`reachableIPTimeout`? 


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] zookeeper pull request #173: ZOOKEEPER-2691: recreateSocketAddresses may rec...

2017-02-17 Thread eribeiro 
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/173#discussion_r101843694
  
--- Diff: src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 
---
@@ -128,24 +136,32 @@ private QuorumServer(long id, InetSocketAddress addr,
 this.addr = addr;
 this.electionAddr = electionAddr;
 this.type = type;
+String checkIPReachableValue = 
System.getProperty("zookeeper.checkIPTimeout");
+if(checkIPReachableValue != null){
+this.checkIPReachableTO = 
Integer.parseInt(checkIPReachableValue);
+}
 }
 
 public QuorumServer(long id, String hostname,
 Integer port, Integer electionPort,
 LearnerType type) {
-   this.id = id;
-   this.hostname=hostname;
-   if (port!=null){
+   this.id = id;
+   this.hostname=hostname;
+   if (port!=null){
 this.port=port;
-   }
-   if (electionPort!=null){
+   }
+   if (electionPort!=null){
 this.electionPort=electionPort;
-   }
-   if (type!=null){
+   }
+   if (type!=null){
 this.type = type;
-   }
-   this.recreateSocketAddresses();
}
+String checkIPReachableValue = 
System.getProperty("zookeeper.checkIPTimeout");
+if(checkIPReachableValue != null){
--- End diff --

nit: space between `if` and `(`


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] zookeeper pull request #173: ZOOKEEPER-2691: recreateSocketAddresses may rec...

2017-02-17 Thread eribeiro 
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/173#discussion_r101845264
  
--- Diff: src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 
---
@@ -181,6 +197,33 @@ public void recreateSocketAddresses() {
 }
 }
 
+/**
+ * Resolve the hostname to IP addresses, and find one reachable 
address.
+ *
+ * @param hostname the name of the host
+ * @param timeout the time, in millseconds, before {@link 
InetAddress#isReachable}
+ *aborts
+ * @return a reachable IP address. If no such IP address can be 
found,
+ * just return the first IP address of the hostname.
+ *
+ * @exception UnknownHostException
+ */
+public InetAddress getReachableAddress(String hostname, int 
timeout) 
+throws UnknownHostException {
+InetAddress[] addresses = InetAddress.getAllByName(hostname);
+for (InetAddress a : addresses) {
+try {
+if (a.isReachable(timeout)) {
--- End diff --

My main problem with this PR is that call to `isReachable(timeout)` for two 
reasons: 

1) the most important one: `isReachable(timeout)` seems unreliable so there 
are plenty cases where it returns false even tough the node is reachable or 
vice-versa! https://bugs.openjdk.java.net/browse/JDK-8159410 (google 
"InetAddress.isReachable not working" or "InetAddress.isReachable unreliable" 
to see further cases).

2) This timeout can add an arbitrary delay until a reachable node can be 
tested.

IDK what a good compromise would be for both points above (leaving as it is 
today could work, so no problem, even tough I am a bit concerned), but maybe we 
could use a solution similar to ZOOKEEPER-2184 and return the next address in 
the array (using `next = ++next % addresses.length` to prevent out of bound 
exceptions).




---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] zookeeper pull request #173: ZOOKEEPER-2691: recreateSocketAddresses may rec...

2017-02-17 Thread eribeiro 
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/173#discussion_r101843810
  
--- Diff: src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 
---
@@ -128,24 +136,32 @@ private QuorumServer(long id, InetSocketAddress addr,
 this.addr = addr;
 this.electionAddr = electionAddr;
 this.type = type;
+String checkIPReachableValue = 
System.getProperty("zookeeper.checkIPTimeout");
+if(checkIPReachableValue != null){
--- End diff --

nit: space between if and (


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] zookeeper pull request #173: ZOOKEEPER-2691: recreateSocketAddresses may rec...

2017-02-17 Thread eribeiro 
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/173#discussion_r101843855
  
--- Diff: src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 
---
@@ -113,13 +113,21 @@ private QuorumServer(long id, InetSocketAddress addr,
 this.id = id;
 this.addr = addr;
 this.electionAddr = electionAddr;
+String checkIPReachableValue = 
System.getProperty("zookeeper.checkIPTimeout");
+if(checkIPReachableValue != null){
+this.checkIPReachableTO = 
Integer.parseInt(checkIPReachableValue);
+}
 }
 
 // VisibleForTesting
 public QuorumServer(long id, InetSocketAddress addr) {
 this.id = id;
 this.addr = addr;
 this.electionAddr = null;
+String checkIPReachableValue = 
System.getProperty("zookeeper.checkIPTimeout");
+if(checkIPReachableValue != null){
--- End diff --

nit: space between if and (


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] zookeeper pull request #173: ZOOKEEPER-2691: recreateSocketAddresses may rec...

2017-02-17 Thread eribeiro 
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/173#discussion_r101843864
  
--- Diff: src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 
---
@@ -113,13 +113,21 @@ private QuorumServer(long id, InetSocketAddress addr,
 this.id = id;
 this.addr = addr;
 this.electionAddr = electionAddr;
+String checkIPReachableValue = 
System.getProperty("zookeeper.checkIPTimeout");
+if(checkIPReachableValue != null){
--- End diff --

nit: space between if and (


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] zookeeper pull request #173: ZOOKEEPER-2691: recreateSocketAddresses may rec...

2017-02-17 Thread eribeiro 
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/173#discussion_r101843611
  
--- Diff: src/java/main/org/apache/zookeeper/server/quorum/QuorumPeer.java 
---
@@ -194,6 +237,12 @@ public void recreateSocketAddresses() {
 public long id;
 
 public LearnerType type = LearnerType.PARTICIPANT;
+
+/**
+ * the time, in millseconds, before {@link 
InetAddress#isReachable} aborts
--- End diff --

typo: miliseconds.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872478#comment-15872478
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2700:
---

Github user edwardoliveira commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101841044
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

Yup, suggested that one too. Either would be good, or both.


> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #180: ZOOKEEPER-2700 add `snap` command to take snaps...

2017-02-17 Thread edwardoliveira 
Github user edwardoliveira commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101841044
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

Yup, suggested that one too. Either would be good, or both.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872456#comment-15872456
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2700:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101839349
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

@eribeiro Yes that is one option - another would be Jetty AdminServer.


> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #180: ZOOKEEPER-2700 add `snap` command to take snaps...

2017-02-17 Thread hanm 
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101839349
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

@eribeiro Yes that is one option - another would be Jetty AdminServer.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872452#comment-15872452
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on the issue:

https://github.com/apache/zookeeper/pull/179
  
Thanks @arshadmohammad for review. I'll update the patch soon. 


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872449#comment-15872449
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101838800
  
--- Diff: 
src/java/test/org/apache/zookeeper/test/FourLetterWordsWhiteListTest.java ---
@@ -0,0 +1,123 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.test;
+
+import java.io.IOException;
+
+
+import org.apache.zookeeper.TestableZooKeeper;
+import org.apache.zookeeper.common.X509Exception.SSLContextException;
+
+import static 
org.apache.zookeeper.client.FourLetterWordMain.send4LetterWord;
+
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.Timeout;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class FourLetterWordsWhiteListTest extends ClientBase {
--- End diff --

I think all cases are already covered with a combination of this test and 
other existing test except this one "verify that for non-configured commands 
connection is close" - but I could also make all test cases explicit as well. 


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872450#comment-15872450
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101838868
  
--- Diff: 
src/java/test/org/apache/zookeeper/test/FourLetterWordsWhiteListTest.java ---
@@ -0,0 +1,123 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.test;
+
+import java.io.IOException;
+
+
+import org.apache.zookeeper.TestableZooKeeper;
+import org.apache.zookeeper.common.X509Exception.SSLContextException;
+
+import static 
org.apache.zookeeper.client.FourLetterWordMain.send4LetterWord;
+
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.Timeout;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class FourLetterWordsWhiteListTest extends ClientBase {
+protected static final Logger LOG =
+LoggerFactory.getLogger(FourLetterWordsTest.class);
+
+@Rule
+public Timeout timeout = new Timeout(3);
--- End diff --

Good catch - it was a copy paste from another test.


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper issue #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four letter wo...

2017-02-17 Thread hanm 
Github user hanm commented on the issue:

https://github.com/apache/zookeeper/pull/179
  
Thanks @arshadmohammad for review. I'll update the patch soon. 


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread hanm 
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101838868
  
--- Diff: 
src/java/test/org/apache/zookeeper/test/FourLetterWordsWhiteListTest.java ---
@@ -0,0 +1,123 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.test;
+
+import java.io.IOException;
+
+
+import org.apache.zookeeper.TestableZooKeeper;
+import org.apache.zookeeper.common.X509Exception.SSLContextException;
+
+import static 
org.apache.zookeeper.client.FourLetterWordMain.send4LetterWord;
+
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.Timeout;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class FourLetterWordsWhiteListTest extends ClientBase {
+protected static final Logger LOG =
+LoggerFactory.getLogger(FourLetterWordsTest.class);
+
+@Rule
+public Timeout timeout = new Timeout(3);
--- End diff --

Good catch - it was a copy paste from another test.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread hanm 
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101838800
  
--- Diff: 
src/java/test/org/apache/zookeeper/test/FourLetterWordsWhiteListTest.java ---
@@ -0,0 +1,123 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.test;
+
+import java.io.IOException;
+
+
+import org.apache.zookeeper.TestableZooKeeper;
+import org.apache.zookeeper.common.X509Exception.SSLContextException;
+
+import static 
org.apache.zookeeper.client.FourLetterWordMain.send4LetterWord;
+
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.Timeout;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class FourLetterWordsWhiteListTest extends ClientBase {
--- End diff --

I think all cases are already covered with a combination of this test and 
other existing test except this one "verify that for non-configured commands 
connection is close" - but I could also make all test cases explicit as well. 


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872445#comment-15872445
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101838431
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +159,50 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+// A property only used in tests to turn on / off entire set of 
supported four letter word commands.
+private static final String ZOOKEEPER_4LW_TEST = 
"zookeeper.test.4lw.enabled";
--- End diff --

I really like this property as it saves me tons of work - but I'll see what 
I can do.


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread hanm 
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101838458
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +159,50 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+// A property only used in tests to turn on / off entire set of 
supported four letter word commands.
+private static final String ZOOKEEPER_4LW_TEST = 
"zookeeper.test.4lw.enabled";
+
+private static final Logger LOG = 
LoggerFactory.getLogger(FourLetterCommands.class);
+
+private static final Map cmd2String = new 
HashMap();
+
+private static final Set whiteListedCommands = new 
HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
--- End diff --

Sounds reasonable.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread hanm 
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101838431
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +159,50 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+// A property only used in tests to turn on / off entire set of 
supported four letter word commands.
+private static final String ZOOKEEPER_4LW_TEST = 
"zookeeper.test.4lw.enabled";
--- End diff --

I really like this property as it saves me tons of work - but I'll see what 
I can do.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872446#comment-15872446
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101838458
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +159,50 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+// A property only used in tests to turn on / off entire set of 
supported four letter word commands.
+private static final String ZOOKEEPER_4LW_TEST = 
"zookeeper.test.4lw.enabled";
+
+private static final Logger LOG = 
LoggerFactory.getLogger(FourLetterCommands.class);
+
+private static final Map cmd2String = new 
HashMap();
+
+private static final Set whiteListedCommands = new 
HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
--- End diff --

Sounds reasonable.


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872443#comment-15872443
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101838329
  
--- Diff: src/java/main/org/apache/zookeeper/server/NIOServerCnxn.java ---
@@ -479,7 +479,7 @@ private boolean checkFourLetterWord(final SelectionKey 
k, final int len)
 // We take advantage of the limited size of the length to look
 // for cmds. They are all 4-bytes which fits inside of an int
 String cmd = FourLetterCommands.getCmdMapView().get(len);
-if (cmd == null) {
+if (cmd == null || 
!FourLetterCommands.getWhiteListedCmdView().contains(cmd)) {
--- End diff --

I think the original comment was not clear but I think it is a good catch - 
instead of return false here we return true because the semantic of 
checkFourLetterWord is we only return false if 4lw is not found, and in that 
case the caller will think this is a client message and proceed allocate buffer 
etc work (iiuc that was what the "it should be processed in that way only" 
meant.).


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread hanm 
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101838329
  
--- Diff: src/java/main/org/apache/zookeeper/server/NIOServerCnxn.java ---
@@ -479,7 +479,7 @@ private boolean checkFourLetterWord(final SelectionKey 
k, final int len)
 // We take advantage of the limited size of the length to look
 // for cmds. They are all 4-bytes which fits inside of an int
 String cmd = FourLetterCommands.getCmdMapView().get(len);
-if (cmd == null) {
+if (cmd == null || 
!FourLetterCommands.getWhiteListedCmdView().contains(cmd)) {
--- End diff --

I think the original comment was not clear but I think it is a good catch - 
instead of return false here we return true because the semantic of 
checkFourLetterWord is we only return false if 4lw is not found, and in that 
case the caller will think this is a client message and proceed allocate buffer 
etc work (iiuc that was what the "it should be processed in that way only" 
meant.).


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872425#comment-15872425
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101836721
  
--- Diff: src/java/main/org/apache/zookeeper/server/NIOServerCnxn.java ---
@@ -479,7 +479,7 @@ private boolean checkFourLetterWord(final SelectionKey 
k, final int len)
 // We take advantage of the limited size of the length to look
 // for cmds. They are all 4-bytes which fits inside of an int
 String cmd = FourLetterCommands.getCmdMapView().get(len);
-if (cmd == null) {
+if (cmd == null || 
!FourLetterCommands.getWhiteListedCmdView().contains(cmd)) {
--- End diff --

What do you suggest it can be done here?

Maybe throw an exception if 
``!FourLetterCommands.getWhiteListedCmdView().contains(cmd)`` is ``true`` and 
get it in the callee?


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread eribeiro 
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101836721
  
--- Diff: src/java/main/org/apache/zookeeper/server/NIOServerCnxn.java ---
@@ -479,7 +479,7 @@ private boolean checkFourLetterWord(final SelectionKey 
k, final int len)
 // We take advantage of the limited size of the length to look
 // for cmds. They are all 4-bytes which fits inside of an int
 String cmd = FourLetterCommands.getCmdMapView().get(len);
-if (cmd == null) {
+if (cmd == null || 
!FourLetterCommands.getWhiteListedCmdView().contains(cmd)) {
--- End diff --

What do you suggest it can be done here?

Maybe throw an exception if 
``!FourLetterCommands.getWhiteListedCmdView().contains(cmd)`` is ``true`` and 
get it in the callee?


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872391#comment-15872391
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2700:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101831774
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

@hanm FYI, I suggested to add as a JMX option too.


> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #180: ZOOKEEPER-2700 add `snap` command to take snaps...

2017-02-17 Thread eribeiro 
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101831774
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

@hanm FYI, I suggested to add as a JMX option too.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872363#comment-15872363
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2700:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101829550
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

@hanm @revans2 cool we are on the same page: 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?focusedCommentId=15871945=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-15871945
 :smile: 


> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #180: ZOOKEEPER-2700 add `snap` command to take snaps...

2017-02-17 Thread eribeiro 
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101829550
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

@hanm @revans2 cool we are on the same page: 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?focusedCommentId=15871945=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-15871945
 :smile: 


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872311#comment-15872311
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101824558
  
--- Diff: 
src/java/test/org/apache/zookeeper/test/FourLetterWordsWhiteListTest.java ---
@@ -0,0 +1,123 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.test;
+
+import java.io.IOException;
+
+
+import org.apache.zookeeper.TestableZooKeeper;
+import org.apache.zookeeper.common.X509Exception.SSLContextException;
+
+import static 
org.apache.zookeeper.client.FourLetterWordMain.send4LetterWord;
+
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.Timeout;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class FourLetterWordsWhiteListTest extends ClientBase {
--- End diff --

FourLetterWordsWhiteListTest should do testing around the configured value 
of zookeeper.4lw.commands.whitelist.
following are some scenairo which can be included
verify whether confiured commands execued properly
verify that the command which is not configured fails 
verify that for non-configured commands connection is close
verify default commands executed successfully without any configuration


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread arshadmohammad 
Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101824634
  
--- Diff: 
src/java/test/org/apache/zookeeper/test/FourLetterWordsWhiteListTest.java ---
@@ -0,0 +1,123 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.test;
+
+import java.io.IOException;
+
+
+import org.apache.zookeeper.TestableZooKeeper;
+import org.apache.zookeeper.common.X509Exception.SSLContextException;
+
+import static 
org.apache.zookeeper.client.FourLetterWordMain.send4LetterWord;
+
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.Timeout;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class FourLetterWordsWhiteListTest extends ClientBase {
+protected static final Logger LOG =
+LoggerFactory.getLogger(FourLetterWordsTest.class);
+
+@Rule
+public Timeout timeout = new Timeout(3);
--- End diff --

The constructor Timeout(int) is deprecated use 
org.junit.rules.Timeout.Timeout(long timeout, TimeUnit timeUnit)


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872313#comment-15872313
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101824634
  
--- Diff: 
src/java/test/org/apache/zookeeper/test/FourLetterWordsWhiteListTest.java ---
@@ -0,0 +1,123 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.test;
+
+import java.io.IOException;
+
+
+import org.apache.zookeeper.TestableZooKeeper;
+import org.apache.zookeeper.common.X509Exception.SSLContextException;
+
+import static 
org.apache.zookeeper.client.FourLetterWordMain.send4LetterWord;
+
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.Timeout;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class FourLetterWordsWhiteListTest extends ClientBase {
+protected static final Logger LOG =
+LoggerFactory.getLogger(FourLetterWordsTest.class);
+
+@Rule
+public Timeout timeout = new Timeout(3);
--- End diff --

The constructor Timeout(int) is deprecated use 
org.junit.rules.Timeout.Timeout(long timeout, TimeUnit timeUnit)


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread arshadmohammad 
Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101824558
  
--- Diff: 
src/java/test/org/apache/zookeeper/test/FourLetterWordsWhiteListTest.java ---
@@ -0,0 +1,123 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.test;
+
+import java.io.IOException;
+
+
+import org.apache.zookeeper.TestableZooKeeper;
+import org.apache.zookeeper.common.X509Exception.SSLContextException;
+
+import static 
org.apache.zookeeper.client.FourLetterWordMain.send4LetterWord;
+
+import org.junit.Assert;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.Timeout;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class FourLetterWordsWhiteListTest extends ClientBase {
--- End diff --

FourLetterWordsWhiteListTest should do testing around the configured value 
of zookeeper.4lw.commands.whitelist.
following are some scenairo which can be included
verify whether confiured commands execued properly
verify that the command which is not configured fails 
verify that for non-configured commands connection is close
verify default commands executed successfully without any configuration


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872291#comment-15872291
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101821552
  
--- Diff: 
src/java/test/org/apache/zookeeper/server/ZooKeeperServerStartupTest.java ---
@@ -167,6 +167,7 @@ public void 
testClientConnectionRequestDuringStartupWithNettyServerCnxn()
  */
 @Test(timeout = 3)
 public void testFourLetterWords() throws Exception {
+System.setProperty("zookeeper.test.4lw.enabled", "true");
--- End diff --

I is better to use zookeeper.4lw.commands.whitelist. This comment is for 
all the test classes where zookeeper.test.4lw.enabled used. 


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread arshadmohammad 
Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101821552
  
--- Diff: 
src/java/test/org/apache/zookeeper/server/ZooKeeperServerStartupTest.java ---
@@ -167,6 +167,7 @@ public void 
testClientConnectionRequestDuringStartupWithNettyServerCnxn()
  */
 @Test(timeout = 3)
 public void testFourLetterWords() throws Exception {
+System.setProperty("zookeeper.test.4lw.enabled", "true");
--- End diff --

I is better to use zookeeper.4lw.commands.whitelist. This comment is for 
all the test classes where zookeeper.test.4lw.enabled used. 


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Updated] (ZOOKEEPER-2696) Eclipse ant task no longer determines correct classpath for tests after ZOOKEEPER-2689

2017-02-17 Thread Abraham Fine (JIRA) 

 [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2696?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Abraham Fine updated ZOOKEEPER-2696:

Summary: Eclipse ant task no longer determines correct classpath for tests 
after ZOOKEEPER-2689  (was: Eclipse ant ask no longer determines correct 
classpath for tests after ZOOKEEPER-2689)

> Eclipse ant task no longer determines correct classpath for tests after 
> ZOOKEEPER-2689
> --
>
> Key: ZOOKEEPER-2696
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2696
> Project: ZooKeeper
>  Issue Type: Bug
>Affects Versions: 3.4.10
>Reporter: Abraham Fine
>Assignee: Abraham Fine
>
> Following the changes made in ZOOKEEPER-2689 IDE's using the .classpath file 
> generated by the eclipse ant task (I tested both idea and eclipse) cannot 
> compile the tests.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread arshadmohammad 
Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101819637
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +159,50 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+// A property only used in tests to turn on / off entire set of 
supported four letter word commands.
+private static final String ZOOKEEPER_4LW_TEST = 
"zookeeper.test.4lw.enabled";
+
+private static final Logger LOG = 
LoggerFactory.getLogger(FourLetterCommands.class);
+
+private static final Map cmd2String = new 
HashMap();
+
+private static final Set whiteListedCommands = new 
HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
+if (!whiteListedCommands.isEmpty()) {
+return Collections.unmodifiableSet(whiteListedCommands);
+}
+
+if (System.getProperty(ZOOKEEPER_4LW_TEST, 
"false").equals("true")) {
--- End diff --

Should be removed as suggested in previous comment


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872277#comment-15872277
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101819527
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +159,50 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+// A property only used in tests to turn on / off entire set of 
supported four letter word commands.
+private static final String ZOOKEEPER_4LW_TEST = 
"zookeeper.test.4lw.enabled";
+
+private static final Logger LOG = 
LoggerFactory.getLogger(FourLetterCommands.class);
+
+private static final Map cmd2String = new 
HashMap();
+
+private static final Set whiteListedCommands = new 
HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
--- End diff --

I think instead of returning all the commands all the time and making 
collection object. We can write function isWhiteListedCommand(String command) 
and use it


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread arshadmohammad 
Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101819527
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +159,50 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+// A property only used in tests to turn on / off entire set of 
supported four letter word commands.
+private static final String ZOOKEEPER_4LW_TEST = 
"zookeeper.test.4lw.enabled";
+
+private static final Logger LOG = 
LoggerFactory.getLogger(FourLetterCommands.class);
+
+private static final Map cmd2String = new 
HashMap();
+
+private static final Set whiteListedCommands = new 
HashSet();
 
 public static Map getCmdMapView() {
 return Collections.unmodifiableMap(cmd2String);
 }
 
+// ZOOKEEPER-2693: Only allow white listed commands.
+public static Set getWhiteListedCmdView() {
--- End diff --

I think instead of returning all the commands all the time and making 
collection object. We can write function isWhiteListedCommand(String command) 
and use it


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872272#comment-15872272
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101818968
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +159,50 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+// A property only used in tests to turn on / off entire set of 
supported four letter word commands.
+private static final String ZOOKEEPER_4LW_TEST = 
"zookeeper.test.4lw.enabled";
--- End diff --

We should not add new property for test cases, instead use main property 
for test cases also. may be you can move repetitive test code to utility test 
class. 


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread arshadmohammad 
Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101818968
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/FourLetterCommands.java ---
@@ -153,13 +159,50 @@
  */
 public final static int telnetCloseCmd = 0xfff4fffd;
 
-final static HashMap cmd2String =
-new HashMap();
+private static final String ZOOKEEPER_4LW_COMMANDS_WHITELIST = 
"zookeeper.4lw.commands.whitelist";
+
+// A property only used in tests to turn on / off entire set of 
supported four letter word commands.
+private static final String ZOOKEEPER_4LW_TEST = 
"zookeeper.test.4lw.enabled";
--- End diff --

We should not add new property for test cases, instead use main property 
for test cases also. may be you can move repetitive test code to utility test 
class. 


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872266#comment-15872266
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101818408
  
--- Diff: src/java/main/org/apache/zookeeper/server/NettyServerCnxn.java ---
@@ -268,7 +268,7 @@ private boolean checkFourLetterWord(final Channel 
channel,
 // We take advantage of the limited size of the length to look
 // for cmds. They are all 4-bytes which fits inside of an int
 String cmd = FourLetterCommands.getCmdMapView().get(len);
-if (cmd == null) {
+if (cmd == null || 
!FourLetterCommands.getWhiteListedCmdView().contains(cmd)) {
--- End diff --

same comment as for NIOServerCnxn


> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread arshadmohammad 
Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101818408
  
--- Diff: src/java/main/org/apache/zookeeper/server/NettyServerCnxn.java ---
@@ -268,7 +268,7 @@ private boolean checkFourLetterWord(final Channel 
channel,
 // We take advantage of the limited size of the length to look
 // for cmds. They are all 4-bytes which fits inside of an int
 String cmd = FourLetterCommands.getCmdMapView().get(len);
-if (cmd == null) {
+if (cmd == null || 
!FourLetterCommands.getWhiteListedCmdView().contains(cmd)) {
--- End diff --

same comment as for NIOServerCnxn


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2693) DOS attack on wchp/wchc four letter words (4lw)

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2693?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872265#comment-15872265
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2693:
---

Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101818292
  
--- Diff: src/java/main/org/apache/zookeeper/server/NIOServerCnxn.java ---
@@ -479,7 +479,7 @@ private boolean checkFourLetterWord(final SelectionKey 
k, final int len)
 // We take advantage of the limited size of the length to look
 // for cmds. They are all 4-bytes which fits inside of an int
 String cmd = FourLetterCommands.getCmdMapView().get(len);
-if (cmd == null) {
+if (cmd == null || 
!FourLetterCommands.getWhiteListedCmdView().contains(cmd)) {
--- End diff --

if request is for 4lw command, it should be processed in that way only. If 
false is returned from here, the request will proceed as the normal request.
This is major issue in the current patch



> DOS attack on wchp/wchc four letter words (4lw)
> ---
>
> Key: ZOOKEEPER-2693
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2693
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Affects Versions: 3.4.0, 3.5.1, 3.5.2
>Reporter: Patrick Hunt
>Assignee: Michael Han
>Priority: Blocker
> Fix For: 3.4.10, 3.5.3
>
>
> The wchp/wchc four letter words can be exploited in a DOS attack on the ZK 
> client port - typically 2181. The following POC attack was recently published 
> on the web:
> https://webcache.googleusercontent.com/search?q=cache:_CNGIz10PRYJ:https://www.exploit-db.com/exploits/41277/+=14=en=clnk=us
> The most straightforward way to block this attack is to not allow access to 
> the client port to non-trusted clients - i.e. firewall the ZooKeeper service 
> and only allow access to trusted applications using it for coordination.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #179: ZOOKEEPER-2693: DOS attack on wchp/wchc four le...

2017-02-17 Thread arshadmohammad 
Github user arshadmohammad commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/179#discussion_r101818292
  
--- Diff: src/java/main/org/apache/zookeeper/server/NIOServerCnxn.java ---
@@ -479,7 +479,7 @@ private boolean checkFourLetterWord(final SelectionKey 
k, final int len)
 // We take advantage of the limited size of the length to look
 // for cmds. They are all 4-bytes which fits inside of an int
 String cmd = FourLetterCommands.getCmdMapView().get(len);
-if (cmd == null) {
+if (cmd == null || 
!FourLetterCommands.getWhiteListedCmdView().contains(cmd)) {
--- End diff --

if request is for 4lw command, it should be processed in that way only. If 
false is returned from here, the request will proceed as the normal request.
This is major issue in the current patch



---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

ZooKeeper_branch35_solaris - Build # 443 - Failure

2017-02-17 Thread Apache Jenkins Server 
See https://builds.apache.org/job/ZooKeeper_branch35_solaris/443/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 476658 lines...]
[junit] 2017-02-17 17:15:03,299 [myid:] - INFO  [main:ClientBase@361] - 
STARTING server instance 127.0.0.1:11222
[junit] 2017-02-17 17:15:03,299 [myid:] - INFO  [main:ZooKeeperServer@907] 
- minSessionTimeout set to 6000
[junit] 2017-02-17 17:15:03,299 [myid:] - INFO  [main:ZooKeeperServer@916] 
- maxSessionTimeout set to 6
[junit] 2017-02-17 17:15:03,299 [myid:] - INFO  [main:ZooKeeperServer@159] 
- Created server with tickTime 3000 minSessionTimeout 6000 maxSessionTimeout 
6 datadir 
/zonestorage/hudson_solaris/home/hudson/hudson-slave/workspace/ZooKeeper_branch35_solaris/build/test/tmp/test827257664757662973.junit.dir/version-2
 snapdir 
/zonestorage/hudson_solaris/home/hudson/hudson-slave/workspace/ZooKeeper_branch35_solaris/build/test/tmp/test827257664757662973.junit.dir/version-2
[junit] 2017-02-17 17:15:03,300 [myid:] - INFO  [main:FileSnap@83] - 
Reading snapshot 
/zonestorage/hudson_solaris/home/hudson/hudson-slave/workspace/ZooKeeper_branch35_solaris/build/test/tmp/test827257664757662973.junit.dir/version-2/snapshot.b
[junit] 2017-02-17 17:15:03,302 [myid:] - INFO  [main:FileTxnSnapLog@320] - 
Snapshotting: 0xb to 
/zonestorage/hudson_solaris/home/hudson/hudson-slave/workspace/ZooKeeper_branch35_solaris/build/test/tmp/test827257664757662973.junit.dir/version-2/snapshot.b
[junit] 2017-02-17 17:15:03,303 [myid:] - ERROR [main:ZooKeeperServer@505] 
- ZKShutdownHandler is not registered, so ZooKeeper server won't take any 
action on ERROR or SHUTDOWN server state changes
[junit] 2017-02-17 17:15:03,304 [myid:] - INFO  
[main:FourLetterWordMain@85] - connecting to 127.0.0.1 11222
[junit] 2017-02-17 17:15:03,304 [myid:] - INFO  
[NIOServerCxnFactory.AcceptThread:0.0.0.0/0.0.0.0:11222:NIOServerCnxnFactory$AcceptThread@296]
 - Accepted socket connection from /127.0.0.1:56836
[junit] 2017-02-17 17:15:03,305 [myid:] - INFO  
[NIOWorkerThread-1:NIOServerCnxn@485] - Processing stat command from 
/127.0.0.1:56836
[junit] 2017-02-17 17:15:03,305 [myid:] - INFO  
[NIOWorkerThread-1:StatCommand@49] - Stat command output
[junit] 2017-02-17 17:15:03,305 [myid:] - INFO  
[NIOWorkerThread-1:NIOServerCnxn@614] - Closed socket connection for client 
/127.0.0.1:56836 (no session established for client)
[junit] 2017-02-17 17:15:03,305 [myid:] - INFO  [main:JMXEnv@228] - 
ensureParent:[InMemoryDataTree, StandaloneServer_port]
[junit] 2017-02-17 17:15:03,307 [myid:] - INFO  [main:JMXEnv@245] - 
expect:InMemoryDataTree
[junit] 2017-02-17 17:15:03,307 [myid:] - INFO  [main:JMXEnv@249] - 
found:InMemoryDataTree 
org.apache.ZooKeeperService:name0=StandaloneServer_port11222,name1=InMemoryDataTree
[junit] 2017-02-17 17:15:03,307 [myid:] - INFO  [main:JMXEnv@245] - 
expect:StandaloneServer_port
[junit] 2017-02-17 17:15:03,307 [myid:] - INFO  [main:JMXEnv@249] - 
found:StandaloneServer_port 
org.apache.ZooKeeperService:name0=StandaloneServer_port11222
[junit] 2017-02-17 17:15:03,307 [myid:] - INFO  
[main:JUnit4ZKTestRunner$LoggedInvokeMethod@82] - Memory used 18177
[junit] 2017-02-17 17:15:03,308 [myid:] - INFO  
[main:JUnit4ZKTestRunner$LoggedInvokeMethod@87] - Number of threads 24
[junit] 2017-02-17 17:15:03,308 [myid:] - INFO  
[main:JUnit4ZKTestRunner$LoggedInvokeMethod@102] - FINISHED TEST METHOD 
testQuota
[junit] 2017-02-17 17:15:03,308 [myid:] - INFO  [main:ClientBase@543] - 
tearDown starting
[junit] 2017-02-17 17:15:03,388 [myid:] - INFO  [main:ZooKeeper@1324] - 
Session: 0x126ca0acd5b closed
[junit] 2017-02-17 17:15:03,388 [myid:] - INFO  
[main-EventThread:ClientCnxn$EventThread@513] - EventThread shut down for 
session: 0x126ca0acd5b
[junit] 2017-02-17 17:15:03,388 [myid:] - INFO  [main:ClientBase@513] - 
STOPPING server
[junit] 2017-02-17 17:15:03,389 [myid:] - INFO  
[NIOServerCxnFactory.AcceptThread:0.0.0.0/0.0.0.0:11222:NIOServerCnxnFactory$AcceptThread@219]
 - accept thread exitted run method
[junit] 2017-02-17 17:15:03,389 [myid:] - INFO  
[NIOServerCxnFactory.SelectorThread-0:NIOServerCnxnFactory$SelectorThread@420] 
- selector thread exitted run method
[junit] 2017-02-17 17:15:03,389 [myid:] - INFO  
[NIOServerCxnFactory.SelectorThread-1:NIOServerCnxnFactory$SelectorThread@420] 
- selector thread exitted run method
[junit] 2017-02-17 17:15:03,389 [myid:] - INFO  
[ConnnectionExpirer:NIOServerCnxnFactory$ConnectionExpirerThread@583] - 
ConnnectionExpirerThread interrupted
[junit] 2017-02-17 17:15:03,389 [myid:] - INFO  [main:ZooKeeperServer@541] 
- shutting down
[junit] 2017-02-17 17:15:03,390 [myid:] - ERROR [main:ZooKeeperServer@505] 
- ZKShutdownHandler is not registered, so ZooKeeper server won't take any

[jira] [Commented] (ZOOKEEPER-2699) Restrict 4lw commands based on client IP

2017-02-17 Thread Robert Joseph Evans (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2699?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872094#comment-15872094
 ] 

Robert Joseph Evans commented on ZOOKEEPER-2699:


I'm not sure this will fix the issue.  IP address spoofing is rather simple to 
do.  You are not guaranteed to get a result back, but for 4 letter commands 
doing DoS you really don't care all that much.  In fact it might be better 
because you don't have to worry about your node being bogged down with 
responses from someone else.

If we restrict it to the loopback device or something like that, it is much 
more likely to restrict bad users.

> Restrict 4lw commands based on client IP
> 
>
> Key: ZOOKEEPER-2699
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2699
> Project: ZooKeeper
>  Issue Type: Bug
>  Components: security, server
>Reporter: Mohammad Arshad
>Assignee: Mohammad Arshad
>
> Currently 4lw commands are executed without authentication and can be 
> accessed from any IP which has access to ZooKeeper server. ZOOKEEPER-2693 
> attempts to limit the 4lw commands which are enabled by default or enabled by 
> configuration.
> In addition to ZOOKEEPER-2693 we should also restrict 4lw commands based on 
> client IP as well. It is required for following scenario
> # User wants to enable all the 4lw commands
> # User wants to limit the access of the commands which are considered to be 
> safe by default.
>  
> *Implementation:*
> we can introduce new property 4lw.commands.host.whitelist
> # By default we allow all the hosts, but off course only on the 4lw exposed 
> commands as per the ZOOKEEPER-2693
> # It can be configured to allow individual IPs(192.168.1.2,192.168.1.3 etc.)
> # It can also be configured to allow group of IPs like 192.168.1.*



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (ZOOKEEPER-2691) recreateSocketAddresses may recreate the unreachable IP address

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2691?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872069#comment-15872069
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2691:
---

Github user hanm commented on the issue:

https://github.com/apache/zookeeper/pull/173
  
@JiangJiafu What I meant is we can solve the problem (sharing code between 
this issue and ZOOKEEPER-2181) later, after both issues are merged in. We can 
make things progress by doing one step at a time.

Regarding your question of 3.4.10, are you intended to have this patch 
being part of the incoming 3.4.10 release?


> recreateSocketAddresses may recreate the unreachable IP address
> ---
>
> Key: ZOOKEEPER-2691
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2691
> Project: ZooKeeper
>  Issue Type: Bug
>Affects Versions: 3.4.8
> Environment: Centos6.5
> Java8
> ZooKeeper3.4.8
>Reporter: JiangJiafu
>Priority: Minor
>
> The QuorumPeer$QuorumServer.recreateSocketAddress()  is used to resolved the 
> hostname to a new IP address(InetAddress) when any exception happens to the 
> socket. It will be very useful when a hostname can be resolved to more than 
> one IP address.
> But the problem is Java API InetAddress.getByName(String hostname) will 
> always return the first IP address when the hostname can be resolved to more 
> than one IP address, and the first IP address may be unreachable forever. For 
> example, if a machine has two network interfaces: eth0, eth1, say eth0 has 
> ip1, eth1 has ip2, the relationship between hostname and the IP addresses is 
> set in /etc/hosts. When I "close" the eth0 by command "ifdown eth0", the 
> InetAddress.getByName(String hostname)  will still return ip1, which is 
> unreachable forever.
> So I think it will be better to check the IP address by 
> InetAddress.isReachable(long) and choose the reachable IP address. 
> I have modified the ZooKeeper source code, and test the new code in my own 
> environment, and it can work very well when I turn down some network 
> interfaces using "ifdown" command.
> The original code is:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = InetAddress.getByName(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname has never resolved. Create our 
> InetSocketAddress(es) as unresolved
> this.addr = InetSocketAddress.createUnresolved(this.hostname, 
> this.port);
> if (this.electionPort > 0){
> this.electionAddr = 
> InetSocketAddress.createUnresolved(this.hostname,
>
> this.electionPort);
> }
> }
> }
> {code}
> After my modification:
> {code:title=QuorumPeer.java|borderStyle=solid}
> public void recreateSocketAddresses() {
> InetAddress address = null;
> try {
> address = getReachableAddress(this.hostname);
> LOG.info("Resolved hostname: {} to address: {}", 
> this.hostname, address);
> this.addr = new InetSocketAddress(address, this.port);
> if (this.electionPort > 0){
> this.electionAddr = new InetSocketAddress(address, 
> this.electionPort);
> }
> } catch (UnknownHostException ex) {
> LOG.warn("Failed to resolve address: {}", this.hostname, ex);
> // Have we succeeded in the past?
> if (this.addr != null) {
> // Yes, previously the lookup succeeded. Leave things as 
> they are
> return;
> }
> // The hostname has never resolved. Create our 
> InetSocketAddress(es) as unresolved
> this.addr = InetSocketAddress.createUnresolved(this.hostname, 
> this.port);
> if (this.electionPort > 0){
> this.electionAddr = 
>

[GitHub] zookeeper issue #173: ZOOKEEPER-2691: recreateSocketAddresses may recreate t...

2017-02-17 Thread hanm 
Github user hanm commented on the issue:

https://github.com/apache/zookeeper/pull/173
  
@JiangJiafu What I meant is we can solve the problem (sharing code between 
this issue and ZOOKEEPER-2181) later, after both issues are merged in. We can 
make things progress by doing one step at a time.

Regarding your question of 3.4.10, are you intended to have this patch 
being part of the incoming 3.4.10 release?


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872068#comment-15872068
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2700:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101793204
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

Also general comments about adding features to ZK: when you add a new 
feature, please also add tests :)


> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #180: ZOOKEEPER-2700 add `snap` command to take snaps...

2017-02-17 Thread hanm 
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101793204
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

Also general comments about adding features to ZK: when you add a new 
feature, please also add tests :)


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872066#comment-15872066
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2700:
---

Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101793125
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

Since this PR is targeting master I suggest considering the option of 
adding a snap API to ZooKeeperAdmin, which is recently introduced to harden 
security around dynamic reconfiguration. ZooKeeperAdmin supports all sorts of 
authentications built in ZK and we can extend it such that only admin (or any 
users that explicitly being granted admin access to cluster) can issue snap 
command.


> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #180: ZOOKEEPER-2700 add `snap` command to take snaps...

2017-02-17 Thread hanm 
Github user hanm commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101793125
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

Since this PR is targeting master I suggest considering the option of 
adding a snap API to ZooKeeperAdmin, which is recently introduced to harden 
security around dynamic reconfiguration. ZooKeeperAdmin supports all sorts of 
authentications built in ZK and we can extend it such that only admin (or any 
users that explicitly being granted admin access to cluster) can issue snap 
command.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15872002#comment-15872002
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2700:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101782717
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
+public void run() {
+try {
+zkServer.takeSnapshot();
--- End diff --

Couldn't this call _potentially_ enter on a race condition with this 
snippet below?


https://github.com/apache/zookeeper/blob/ec20c5434cc8a334b3fd25e27d26dccf4793c8f3/src/java/main/org/apache/zookeeper/server/SyncRequestProcessor.java#L132-L141


> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #180: ZOOKEEPER-2700 add `snap` command to take snaps...

2017-02-17 Thread eribeiro 
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101782717
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
+public void run() {
+try {
+zkServer.takeSnapshot();
--- End diff --

Couldn't this call _potentially_ enter on a race condition with this 
snippet below?


https://github.com/apache/zookeeper/blob/ec20c5434cc8a334b3fd25e27d26dccf4793c8f3/src/java/main/org/apache/zookeeper/server/SyncRequestProcessor.java#L132-L141


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15871986#comment-15871986
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2700:
---

Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101779855
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

I think so too. Commented on the JIRA about that.


> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #180: ZOOKEEPER-2700 add `snap` command to take snaps...

2017-02-17 Thread eribeiro 
Github user eribeiro commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101779855
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

I think so too. Commented on the JIRA about that.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15871959#comment-15871959
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2700:
---

Github user revans2 commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101775786
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

Wouldn't this also be a potential DoS attack?  Especially with launching a 
new thread in the background for the snapshot.  Could we put in some sort of 
throttling on taking the snapshot, so that we don't do it too frequently?


> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[GitHub] zookeeper pull request #180: ZOOKEEPER-2700 add `snap` command to take snaps...

2017-02-17 Thread revans2 
Github user revans2 commented on a diff in the pull request:

https://github.com/apache/zookeeper/pull/180#discussion_r101775786
  
--- Diff: 
src/java/main/org/apache/zookeeper/server/command/SnapCommand.java ---
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.zookeeper.server.command;
+
+import org.apache.zookeeper.server.ServerCnxn;
+import org.apache.zookeeper.server.ZooKeeperThread;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+public class SnapCommand extends AbstractFourLetterCommand {
+private static final Logger LOG = 
LoggerFactory.getLogger(SnapCommand.class);
+
+SnapCommand(PrintWriter pw, ServerCnxn serverCnxn) {
+super(pw,serverCnxn);
+}
+
+@Override
+public void commandRun() throws IOException {
+if (!isZKServerRunning()) {
+pw.println(ZK_NOT_SERVING);
+} else {
+Thread snapInProcess = new ZooKeeperThread("Snapshot Thread") {
--- End diff --

Wouldn't this also be a potential DoS attack?  Especially with launching a 
new thread in the background for the snapshot.  Could we put in some sort of 
throttling on taking the snapshot, so that we don't do it too frequently?


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread Edward Ribeiro (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15871945#comment-15871945
 ] 

Edward Ribeiro commented on ZOOKEEPER-2700:
---

Hi [~flier],

Some observations: 

1) this issue is a duplicate of ZOOKEEPER-1729 so I am marking it as such.

2) based on discussions on ZOOKEEPER-1729 (please, read it) and the security 
problems related on ZOOKEEPER-2693, implementing this command as a 4lw is a big 
*NO*. I think it could be be implemented as a JMX command and/or a ServerAdmin 
command tough.

Additional comments I will post on the GH review comment.

Cheers!

> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Comment Edited] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread Edward Ribeiro (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15871945#comment-15871945
 ] 

Edward Ribeiro edited comment on ZOOKEEPER-2700 at 2/17/17 3:07 PM:


Hi [~flier],

Some observations: 

1) this issue is a duplicate of ZOOKEEPER-1729 so I am marking it as such.

2) based on discussions on ZOOKEEPER-1729 (please, read it) and the security 
problems related on ZOOKEEPER-2693, implementing this command as a 4lw is a big 
*NO*. I think it could be be implemented as a JMX command and/or a ServerAdmin 
command tough.

3) Where are your unit tests? :) 

Additional comments I will post on the GH review comment.

Cheers!


was (Author: eribeiro):
Hi [~flier],

Some observations: 

1) this issue is a duplicate of ZOOKEEPER-1729 so I am marking it as such.

2) based on discussions on ZOOKEEPER-1729 (please, read it) and the security 
problems related on ZOOKEEPER-2693, implementing this command as a 4lw is a big 
*NO*. I think it could be be implemented as a JMX command and/or a ServerAdmin 
command tough.

Additional comments I will post on the GH review comment.

Cheers!

> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Re: Graceful close of ZooKeeper client

2017-02-17 Thread Edward Ribeiro 
Hey Enrico,

I suggest you to get in touch with Jordan Zimmerman (here on the list) to
make sure your proposed change doesn't break backwards compatibility.
Jordan is creator of Curator, the best ZK lib out there, and an active
member on this list.

Cheers,
Eddie

On Thu, Feb 16, 2017 at 2:14 PM, Enrico Olivelli 
wrote:

> Hi ZooKeepers,
> I have just created this and issue to improve client-side "close"
>
> https://issues.apache.org/jira/browse/ZOOKEEPER-2697 Handle graceful stop
> of ZookKeeper client
>
> If the idea is acceptable for you I can write a patch and file a PR.
>
> Thanks
> -- Enrico
>

ZooKeeper_branch34_openjdk7 - Build # 1396 - Still Failing

2017-02-17 Thread Apache Jenkins Server 
See https://builds.apache.org/job/ZooKeeper_branch34_openjdk7/1396/

###
## LAST 60 LINES OF THE CONSOLE 
###
Started by timer
[EnvInject] - Loading node environment variables.
Building remotely on ubuntu-5 (Ubuntu yahoo-not-h2 ubuntu ubuntu5 docker) in 
workspace /home/jenkins/jenkins-slave/workspace/ZooKeeper_branch34_openjdk7
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url git://git.apache.org/zookeeper.git # timeout=10
Cleaning workspace
 > git rev-parse --verify HEAD # timeout=10
Resetting working tree
 > git reset --hard # timeout=10
 > git clean -fdx # timeout=10
Fetching upstream changes from git://git.apache.org/zookeeper.git
 > git --version # timeout=10
 > git -c core.askpass=true fetch --tags --progress 
 > git://git.apache.org/zookeeper.git +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/branch-3.4^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/branch-3.4^{commit} # timeout=10
Checking out Revision 373b82bab843cc84c22b99f6511f8fea974fd2b4 
(refs/remotes/origin/branch-3.4)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 373b82bab843cc84c22b99f6511f8fea974fd2b4
 > git rev-list 373b82bab843cc84c22b99f6511f8fea974fd2b4 # timeout=10
No emails were triggered.
[ZooKeeper_branch34_openjdk7] $ /home/jenkins/tools/ant/latest/bin/ant 
-Dtest.output=yes -Dtest.junit.threads=8 -Dtest.junit.output.format=xml 
-Djavac.target=1.7 clean test-core-java
Exception in thread "main" java.lang.UnsupportedClassVersionError: 
org/apache/tools/ant/launch/Launcher : Unsupported major.minor version 52.0
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:803)
at 
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:442)
at java.net.URLClassLoader.access$100(URLClassLoader.java:64)
at java.net.URLClassLoader$1.run(URLClassLoader.java:354)
at java.net.URLClassLoader$1.run(URLClassLoader.java:348)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:347)
at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482)
Build step 'Invoke Ant' marked build as failure
Recording test results
ERROR: Step ?Publish JUnit test result report? failed: No test report files 
were found. Configuration error?
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any



###
## FAILED TESTS (if any) 
##
No tests ran.

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread Hadoop QA (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15871927#comment-15871927
 ] 

Hadoop QA commented on ZOOKEEPER-2700:
--

-1 overall.  GitHub Pull Request  Build
  

+1 @author.  The patch does not contain any @author tags.

+0 tests included.  The patch appears to be a documentation patch that 
doesn't require tests.

+1 javadoc.  The javadoc tool did not generate any warning messages.

+1 javac.  The applied patch does not increase the total number of javac 
compiler warnings.

+1 findbugs.  The patch does not introduce any new Findbugs (version 3.0.1) 
warnings.

+1 release audit.  The applied patch does not increase the total number of 
release audit warnings.

-1 core tests.  The patch failed core unit tests.

+1 contrib tests.  The patch passed contrib unit tests.

Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/350//testReport/
Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/350//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/350//console

This message is automatically generated.

> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Failed: ZOOKEEPER- PreCommit Build #350

2017-02-17 Thread Apache Jenkins Server 
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/350/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 480525 lines...]
 [exec] 
 [exec] +1 javadoc.  The javadoc tool did not generate any warning 
messages.
 [exec] 
 [exec] +1 javac.  The applied patch does not increase the total number 
of javac compiler warnings.
 [exec] 
 [exec] +1 findbugs.  The patch does not introduce any new Findbugs 
(version 3.0.1) warnings.
 [exec] 
 [exec] +1 release audit.  The applied patch does not increase the 
total number of release audit warnings.
 [exec] 
 [exec] -1 core tests.  The patch failed core unit tests.
 [exec] 
 [exec] +1 contrib tests.  The patch passed contrib unit tests.
 [exec] 
 [exec] Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/350//testReport/
 [exec] Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/350//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
 [exec] Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/350//console
 [exec] 
 [exec] This message is automatically generated.
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Adding comment to Jira.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] Comment added.
 [exec] a074e565f1d14f0d6b183df2acf1dff1be0bdaab logged out
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Finished build.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] mv: 
'/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess'
 and 
'/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess'
 are the same file

BUILD FAILED
/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/build.xml:1635:
 exec returned: 1

Total time: 14 minutes 6 seconds
Build step 'Execute shell' marked build as failure
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Compressed 576.14 KB of artifacts by 44.4% relative to #337
Recording test results
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
[description-setter] Description set: ZOOKEEPER-2700
Putting comment on the pull request
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7



###
## FAILED TESTS (if any) 
##
1 tests failed.
FAILED:  
org.apache.zookeeper.test.WatchEventWhenAutoResetTest.testNodeDataChanged

Error Message:
expected: but was:

Stack Trace:
junit.framework.AssertionFailedError: expected: but 
was:
at 
org.apache.zookeeper.test.WatchEventWhenAutoResetTest$EventsWatcher.assertEvent(WatchEventWhenAutoResetTest.java:67)
at 
org.apache.zookeeper.test.WatchEventWhenAutoResetTest.testNodeDataChanged(WatchEventWhenAutoResetTest.java:117)
at 
org.apache.zookeeper.JUnit4ZKTestRunner$LoggedInvokeMethod.evaluate(JUnit4ZKTestRunner.java:79)

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread Hadoop QA (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15871902#comment-15871902
 ] 

Hadoop QA commented on ZOOKEEPER-2700:
--

-1 overall.  GitHub Pull Request  Build
  

+1 @author.  The patch does not contain any @author tags.

+0 tests included.  The patch appears to be a documentation patch that 
doesn't require tests.

+1 javadoc.  The javadoc tool did not generate any warning messages.

+1 javac.  The applied patch does not increase the total number of javac 
compiler warnings.

+1 findbugs.  The patch does not introduce any new Findbugs (version 3.0.1) 
warnings.

-1 release audit.  The applied patch generated 1 release audit warnings 
(more than the trunk's current 0 warnings).

-1 core tests.  The patch failed core unit tests.

-1 contrib tests.  The patch failed contrib unit tests.

Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/348//testReport/
Release audit warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/348//artifact/trunk/patchprocess/patchReleaseAuditProblems.txt
Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/348//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/348//console

This message is automatically generated.

> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Failed: ZOOKEEPER- PreCommit Build #348

2017-02-17 Thread Apache Jenkins Server 
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/348/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 410713 lines...]
 [exec] +1 javadoc.  The javadoc tool did not generate any warning 
messages.
 [exec] 
 [exec] +1 javac.  The applied patch does not increase the total number 
of javac compiler warnings.
 [exec] 
 [exec] +1 findbugs.  The patch does not introduce any new Findbugs 
(version 3.0.1) warnings.
 [exec] 
 [exec] -1 release audit.  The applied patch generated 1 release audit 
warnings (more than the trunk's current 0 warnings).
 [exec] 
 [exec] -1 core tests.  The patch failed core unit tests.
 [exec] 
 [exec] -1 contrib tests.  The patch failed contrib unit tests.
 [exec] 
 [exec] Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/348//testReport/
 [exec] Release audit warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/348//artifact/trunk/patchprocess/patchReleaseAuditProblems.txt
 [exec] Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/348//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
 [exec] Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/348//console
 [exec] 
 [exec] This message is automatically generated.
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Adding comment to Jira.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] Comment added.
 [exec] 69518d15bdb4921acee9f382aa941aa4fe48f5b6 logged out
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Finished build.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] mv: 
'/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess'
 and 
'/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/patchprocess'
 are the same file

BUILD FAILED
/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build/build.xml:1635:
 exec returned: 3

Total time: 9 minutes 53 seconds
Build step 'Execute shell' marked build as failure
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Compressed 578.51 KB of artifacts by 44.3% relative to #337
Recording test results
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
[description-setter] Description set: ZOOKEEPER-2700
Putting comment on the pull request
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7



###
## FAILED TESTS (if any) 
##
1 tests failed.
FAILED:  
org.apache.zookeeper.test.RestoreCommittedLogTest.testRestoreCommittedLog

Error Message:
log size != 0

Stack Trace:
junit.framework.AssertionFailedError: log size != 0
at 
org.apache.zookeeper.test.RestoreCommittedLogTest.testRestoreCommittedLog(RestoreCommittedLogTest.java:80)
at 
org.apache.zookeeper.JUnit4ZKTestRunner$LoggedInvokeMethod.evaluate(JUnit4ZKTestRunner.java:79)

Failed: ZOOKEEPER- PreCommit Build #349

2017-02-17 Thread Apache Jenkins Server 
Build: https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/349/

###
## LAST 60 LINES OF THE CONSOLE 
###
[...truncated 500 lines...]
 [exec] 
 [exec] +1 javac.  The applied patch does not increase the total number 
of javac compiler warnings.
 [exec] 
 [exec] +1 findbugs.  The patch does not introduce any new Findbugs 
(version 3.0.1) warnings.
 [exec] 
 [exec] -1 release audit.  The applied patch generated 1 release audit 
warnings (more than the trunk's current 0 warnings).
 [exec] 
 [exec] -1 core tests.  The patch failed core unit tests.
 [exec] 
 [exec] +1 contrib tests.  The patch passed contrib unit tests.
 [exec] 
 [exec] Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/349//testReport/
 [exec] Release audit warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/349//artifact/trunk/patchprocess/patchReleaseAuditProblems.txt
 [exec] Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/349//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
 [exec] Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/349//console
 [exec] 
 [exec] This message is automatically generated.
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Adding comment to Jira.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] Comment added.
 [exec] f48a5f2dac197804aadfe3ba637b2be6b7ca6a84 logged out
 [exec] 
 [exec] 
 [exec] 
==
 [exec] 
==
 [exec] Finished build.
 [exec] 
==
 [exec] 
==
 [exec] 
 [exec] 
 [exec] mv: 
'/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build@2/patchprocess'
 and 
'/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build@2/patchprocess'
 are the same file

BUILD FAILED
/home/jenkins/jenkins-slave/workspace/PreCommit-ZOOKEEPER-github-pr-build@2/build.xml:1635:
 exec returned: 2

Total time: 2 minutes 58 seconds
Build step 'Execute shell' marked build as failure
Archiving artifacts
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Compressed 582.15 KB of artifacts by 11.0% relative to #337
Recording test results
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
ERROR: Step ?Publish JUnit test result report? failed: No test report files 
were found. Configuration error?
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
[description-setter] Description set: ZOOKEEPER-2700
Putting comment on the pull request
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Email was triggered for: Failure - Any
Sending email for trigger: Failure - Any
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7
Setting JDK_1_7_LATEST__HOME=/home/jenkins/tools/java/latest1.7



###
## FAILED TESTS (if any) 
##
No tests ran.

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread Hadoop QA (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15871903#comment-15871903
 ] 

Hadoop QA commented on ZOOKEEPER-2700:
--

-1 overall.  GitHub Pull Request  Build
  

+1 @author.  The patch does not contain any @author tags.

+0 tests included.  The patch appears to be a documentation patch that 
doesn't require tests.

+1 javadoc.  The javadoc tool did not generate any warning messages.

+1 javac.  The applied patch does not increase the total number of javac 
compiler warnings.

+1 findbugs.  The patch does not introduce any new Findbugs (version 3.0.1) 
warnings.

-1 release audit.  The applied patch generated 1 release audit warnings 
(more than the trunk's current 0 warnings).

-1 core tests.  The patch failed core unit tests.

+1 contrib tests.  The patch passed contrib unit tests.

Test results: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/349//testReport/
Release audit warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/349//artifact/trunk/patchprocess/patchReleaseAuditProblems.txt
Findbugs warnings: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/349//artifact/trunk/build/test/findbugs/newPatchFindbugsWarnings.html
Console output: 
https://builds.apache.org/job/PreCommit-ZOOKEEPER-github-pr-build/349//console

This message is automatically generated.

> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (ZOOKEEPER-2700) Force ZooKeeper to generate snapshot

2017-02-17 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/ZOOKEEPER-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15871889#comment-15871889
 ] 

ASF GitHub Bot commented on ZOOKEEPER-2700:
---

GitHub user flier opened a pull request:

https://github.com/apache/zookeeper/pull/180

ZOOKEEPER-2700 add  command to take snapshot

When cold backup or remote offline sync Zookeeper instances, we need the 
latest snapshot.

Add a four letter `snap` command to force Zookeeper to generate snapshot.

You can merge this pull request into a Git repository by running:

$ git pull https://github.com/flier/zookeeper ZOOKEEPER-2700

Alternatively you can review and apply these changes as the patch at:

https://github.com/apache/zookeeper/pull/180.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

This closes #180


commit e1dc4c94ea41a3fc0e5511fe1d69e02f27f4f0b8
Author: Flier Lu 
Date:   2017-02-17T13:48:19Z

add  command to take snapshot

commit 77402134bf172566b69b0ffe72f19f18b93ec989
Author: Flier Lu 
Date:   2017-02-17T13:57:51Z

add document




> Force ZooKeeper to generate snapshot
> 
>
> Key: ZOOKEEPER-2700
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-2700
> Project: ZooKeeper
>  Issue Type: Improvement
>Reporter: Flier Lu
>Priority: Minor
>
> When cold backup or remote offline sync Zookeeper instances, we need the 
> latest snapshot.
> Add a four letter `snap` command to force Zookeeper to generate snapshot.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

  1   2   >